Explore the New Features in Azure AD and Microsoft Unified Endpoint Management

In response to the COVID-19 pandemic, cloud-based ERP systems are becoming increasingly popular. The accessibility, manageability, and cost-effectiveness of the cloud help organizations around the world navigate the demands of remote working and the uncertainty of the future.

To help its customers navigate the new normal, Microsoft has released a number of new updates for Azure AD and Microsoft Intune (now called Unified Endpoint Management), two of the company’s most popular cloud offerings. All of these updates enhance ERP cloud security and simplify device management.

Microsoft Azure AD Updates

Temporary Access Permit (TAP)

With TAP, administrators can create temporary passwords for both new and existing users that expire after a certain period of time. The tool is especially useful when setting up new employees or resetting user account credentials.

Because it has a number of authentication policies, the tool is considered a strong authentication method, which enables organizations to integrate multi-factor authentication and self-service password reset.

Server Authentication

Azure AD user login information can now be used to access Azure Windows VMs. This functionality can also be used in conjunction with PIM, Conditional Access, and RBAC.

The goal of this feature is to improve and simplify user management among IT administrators and increase the cloud connectivity of Azure Directory.

Please note: Azure AD server authentication requires Windows Server 2019. Older versions (including Bastions) are not currently supported.

New Conditional Update Policies

Azure AD’s Conditional Access Policies (CAP) are essentially if-then statements. When a user wants to access something, they must first complete an action.

For example, a new CAP process within Azure AD requires users to go through multi-factor authentication before a password reset. Administrators can set up this policy using grant controls.

Another new policy is listed under “Register or Join Devices”. This rule provides IT administrators with greater control during device setup because it allows them to require users to complete a number of actions (such as setting up multi-factor authentication) before setup.

Finally, administrators gain better visibility of devices with the “Specific location” policy. Instead of tracking a device by IP address, the tool locates it using actual GPS coordinates, providing administrators with a more accurate location.

New Microsoft UEM Filters

When a new CAP is created, administrators can use new filters to set policies based on specific rules. This essentially allows administrators to narrow the scope of the policy and have a comprehensive view of which devices and users will be affected.

For example, filters may be useful when publishing a restriction policy to corporate devices while excluding personal devices, or when deploying a new iOS app to Apple devices in a particular team.

With these features, administrators have greater flexibility and granularity when assigning CAPs.

Get started with JourneyTEAM

Organizations looking to provide their IT team with greater accuracy and control over cloud security and device management should connect with JourneyTEAM. As a Microsoft Gold Partner, we have a wealth of knowledge about Microsoft products. Together, we will customize the functionality of each solution to meet your unique business needs. Contact a JourneyTEAM representative today to find out more.
