PIM – Access Review : The Practice

Introduction: In the previous article, we discussed the concepts of access review and said that it resolves many issues, including but NOT limited to excessive access to privileged roles. In this article, we will see how to use PIM access review with best practice. Let us go. Organization case study: organization pioneers101 has the following privileged role membership: Global Admin R…

PIM – Access Review : The Concepts

Introduction: After a long time working with Microsoft 365, you will notice that you have a lot of privileged roles assigned to users. Some of these roles are still needed and some are NOT required any more. This leads to the need for a new technique to control the situation, which is called PIM Access Review. In keeping with our approach here at Networks Pioneers, the first article(s) focus on the…

PIM: Audit Logs & Alerts

Introduction: After we have seen how to configure PIM approaches like Just in Time (Eligible Role), Time-Bound Access and Permanent Active Access, it's very important to be familiar with PIM audit logs and alerts to keep monitoring administrative activities at your organization. PIM Audit Logs: With Azure Active Directory (Azure AD) Privileged Identity Management (PIM), you can v…

PIM : Configuring Time-bound Access

Introduction: In the previous article, we saw how to configure PIM eligible assignment. In this article, we will discuss a new aspect of PIM, which is time-bound assignment. Time-bound assignment: the time-bound assignment concept is to assign a privileged role to a user for a specific time (for example 3 months), but this time the user is activated for the whole time period (3 months), and there is NO need to act…

PIM: force approval workflow to eligible role

Introduction: In the previous article, we saw how to assign an eligible privileged role to a user, and also saw that the user can activate his eligible role by himself without needing approval from an approver. In this article, we will see how to force an approval workflow to activate an eligible role. When to use approval workflow for eligible role: there are some times you need to configure approval workflow for …

PIM : Just in Time JIT

Introduction: PIM enables you to control the use of administrative roles. Just in time (JIT) is one of the PIM approaches that allows you to reduce the risk of compromising your cloud organization. In this article, we will discuss how to use JIT to control privileged administrative roles effectively. How JIT works: JIT works in the following scenario: PIM admin (who is normally a global admin like bisan@…

Privileged Identity Management : The initial Configuration

Introduction: In the second article on PIM, we will see how to set up the initial configuration for PIM before getting to some examples of how to use PIM best practice. Let us go. Who can enable PIM: any member of the Global Admin role can enable PIM. When he enables PIM, he will be added to (Privileged Role Administrator). As seen above, bisan and ahmad are global admins, so they are the ON…

Privileged Identity Management : The Concepts

Introduction: Any organization wants to minimize the number of people who have access to secure information or resources, which reduces the chance of a malicious actor getting that access, or even an authorized user impacting a sensitive resource. This leads us to the concept of Privileged Identity Management (PIM). What is Privileged Identity Management (PIM): Privileged Identity M…

Identity Protection : emergency access and break glass

Introduction: Any organization might require an emergency account in Azure Active Directory for many difficult situations, including but NOT limited to: The administrator registers with Azure Multi-Factor Authentication (MFA) and all their personal devices are not available or even stolen 🙁 All synchronized accounts with admin access are deleted and/or disabled by malicious at…

Identity Protection : policies

Introduction: Azure Active Directory Identity Protection includes three default policies that administrators can enable. These policies include limited customization but are applicable to most organizations. All of the policies allow for excluding users such as your emergency access or break-glass administrator accounts. Azure AD MFA registration policy: Identity Protection can help or…

Azure AD Identity Protection : Security Overview

Introduction: The Security overview in the Azure portal gives you an insight into your organization's security posture. It helps identify potential attacks and understand the effectiveness of your policies. The 'Security overview' is broadly divided into two sections: Trends, on the left, provide a timeline of risk in your organization. Tiles, on the right, highlight the key ong…

Azure AD Identity Protection Tool

Introduction: Azure AD Identity Protection is a tool that allows organizations to do the following: Automate the detection and remediation of identity-based risks. Investigate risks using data in the portal. Export risk detection data to third-party utilities for further analysis. The signals generated by Identity Protection can further send information to tools like: Condi…

conditional access : what if scenario simulator

Introduction: Sometimes you have many conditional access policies and you need to know which policy will be applied to a specific situation. The solution is the Conditional Access What If scenario simulator. What If tool: the Conditional Access What If policy tool allows you to understand the impact of your Conditional Access pol…

Conditional Access : Require device to be compliant

Introduction: An organization may allow users to use their computers to increase productivity, but IT staff need to first manage the device identities. IT staff can build on the device identity with tools like Microsoft Intune to ensure standards for security and compliance are met. Azure Active Directory (Azure AD) enables single sign-on to devices, apps, and services from anywhere throu…

Conditional Access : require Devices to join Azure AD

Introduction: In this article, we will see how to block the purchasing group from accessing office.com with devices that are unregistered in Azure AD. Please join us. Pioneers OBS: before we start applying Conditional Access, we need to understand the Organization Breakdown Structure for company Pioneers OBS…

Conditional Access : require MFA when Connecting from untrusted IPs

Introduction: In the previous article, we saw how to BLOCK the sales department from connecting to office.com from outside Saudi Arabia. In this article, we will see how to require MFA (Multi-Factor Authentication) for the HR department when connecting from an untrusted IP address. Pioneers OBS: before we start applying Conditional Access, we need to understand the Organization Breakdown Structure for company Pioneers …

Conditional Access : block access based on country

Introduction: In the coming articles, we will see how to apply conditional access with various requirements. Please join us. Pioneers OBS: before we start applying Conditional Access, we need to understand the Organization Breakdown Structure for company Pioneers OBS…

Conditional Access : the concepts

Introduction: By default, Microsoft 365 users can access the organization's resources from any device and from anywhere. As a result, it could be subjected to many risks. The solution: with Azure AD Conditional Access, we can control when and where a user can log in, to which apps, and using which devices. Moreover, we can also apply specific security settings to be applied in specific …

Multi Factor Authentication : Mobile SMS

Introduction: In this article, we will see a different approach to MFA, which is MFA using SMS. Configure MFA for user: MFA SMS sends a direct message to your registered phone number. If you lose your phone, you can simply ask the Microsoft 365 admin to reset your MFA settings and require a different method. Let us go: log in to the Microsoft 365 admin center with the global admin or user admin role, select…

Multi Factor Authentication : Google Authenticator App

Introduction: In the previous article, we saw how to configure MFA with the Microsoft Authenticator app, with the approve or reject action in real time. In this article, we will configure a user to use the Google Authenticator app, which works with a different approach from the Microsoft Authenticator app. Google Authenticator is a software-based authenticator by Google that implements two-step ver…

Multi Factor Authentication : Microsoft Authenticator App

Introduction: In the previous article, we got an overview of MFA. In this article, we will see how to configure a user to use the Microsoft Authenticator app as a second factor. Microsoft Authenticator app: Microsoft Authenticator is a multifactor app for mobile devices that generates time-based codes used during the Two-Step Verification process. We can download the Microsoft Authenticator app from …

Multi Factor Authentication : the concepts

Introduction: In a cloud environment, the simple authentication of "username and password" can be easily breached by cyber criminals, and many logins can be compromised in minutes. Then private data, such as personal and financial details, will be under threat. This leads us to try to add more authentication methods to make it very difficult to breach your acco…

Identity Protection: Introduction to Azure Active Directory

Introduction: Speaking about Microsoft 365 without pointing to Azure Active Directory is meaningless, simply because Microsoft 365 relies on Azure Active Directory [AAD] for identity management. In the first article of the series identity management & Protection, we have found here at Networks Pioneers that it is very important to understand Azure Active Directory [later referred to …

Cloud App Security - Office 365 connector : the concepts

Introduction: Using Office 365 may expose your sensitive data not only internally, but also to external collaborators or, even worse, make it publicly available via a shared link. Such incidents might occur due to a malicious actor, or by an unaware employee. Moreover, Office 365 also provides a large third-party app eco-system to help boost productivity, and these apps can also expose …

Cloud App Security: App Connector

Introduction
Microsoft Cloud App Security uses app connectors to do the following: deep integration, threat protection, government actions and policy enforcement. Cloud App Security can query the cloud app API for activity logs, and start scanning data, accounts, and cloud content. App connectors use the APIs of app providers to enable greater visibility and control by Cl…

Cloud App Security : Configure System Settings

Introduction
After we have got an overview of CAS and seen how to create a trial subscription, this article will be used to configure system settings for CAS, as the first actions to be done after creating the subscription.
CAS settings
Before you start working with Cloud App Security, it's better to configure system settings. Log in to https://portal.cloudappsecurity.com from…

Cloud App Security : Trial Subscription

Introduction: In the previous article, we got an overview of Cloud App Security. In this article, we will see how to subscribe and how to access and then manage CAS. Please join us. CAS prerequisites: CAS [or MCAS] requires the following license. For license, you need one of the following: Azure Active Directory AD Premium 1 with limited feature, Enterprise Mobility Suite EMS E…

Cloud App Security : the facts

Introduction: In the first article on CAS, we got an overview of Cloud App Security. In this article, we will keep discovering CAS facts. CAS Area: CAS has two flavors: CAS for Office 365, and MS CAS, which is simply success security brokers that support: Log collector, API connectors like Dropbox, Reverse proxy for apps inside the on-premise network. CAS capabilities: Discover and ma…

Cloud App Security : the Concept

Introduction: Moving to the cloud increases flexibility for employees and IT teams. 🙂 BUT, it also introduces new challenges and complexities for keeping your organization secure. 🙁 SO, to get the full benefit of cloud apps and services, an IT team must find the right balance of supporting access while protecting critical data. The solution is Cloud App Security Brok…

MIP Office 365 Message Encryption : Practice

Introduction: In the previous article, we discussed the concept of OME. In this article, we will see how to encrypt email with OME, and how that will affect email sent outside the organization. Activate RMS: OME capabilities leverage the protection features in Azure Rights Management Services (Azure RMS), the technology used by Azure Information Protection to protect emails and documents v…

MIP Office 365 Message Encryption : Concepts

Introduction: People often use email to send sensitive information, such as: financial data, legal contracts, confidential product information, sales reports and projections, patient health information, or customer and employee information. As a result, mailboxes can become repositories for large amounts of potentially sensitive information and information leakage can becom…

MIP Azure Information Protection: apply label Manually

Introduction: In the previous article, we saw how to configure automatic classification based on file or email content. In this article, we will see how to create a label and allow the end user to choose labeling based on his convenience. AIP manual classification steps: below are the steps to create manual labeling, which are similar to automatic labeling with a little bit of difference. Activate AIP through ht…

MIP Azure Information Protection: apply label Automatically

Introduction: In the previous article, we got an overview of AIP concepts. In this article, we will see how to configure AIP on cloud, on premise [end client computers]. Manual Classification vs Automatic Classification: in most companies, we deal with a huge amount of data. So, applying labels manually is not practical. Therefore, AIP offers automatic data classification to ove…

MIP : Azure Information Protection Concepts

Introduction: Azure Information Protection (AIP) is a cloud-based solution that enables companies to: Discover, Classify, label, Monitor and Protect documents and emails by applying labels to content. AIP is part of the Microsoft Information Protection (MIP) solution, and extends the labeling and classification functionality provided by Microsoft 365. Actually, AIP pro…