New Features Now Available in Microsoft Azure AD and Microsoft Intune

As the COVID-19 pandemic continues to spread, migration to the cloud continues to accelerate. Research conducted by IDC He predicts that by the end of 2021, 80% of companies will put in place a mechanism for moving to the cloud twice as fast as they did before the COVID-19 pandemic.

One of the cloud service providers that is rapidly growing in response to COVID-19 is Microsoft. Chief Executive Officer Satya Nadella: “We’ve seen two years of digital transformation in two months. From remote teamwork and learning to sales and customer service, to critical cloud infrastructure and security — we work alongside customers every day to help them adapt and stay open to working in a world of all about after. “

With thousands of new users moving to Microsoft’s version of the cloud, the company has released new updates to both Microsoft Intune (now called Unified Endpoint Management) and Azure AD for enhanced securityImprove productivity and simplify device management.

Azure AD Updates

Temporary Access Permit (TAP)

Microsoft has always tried to eliminate the need for passwords; TAP is a huge step forward in achieving this goal. The tool is a time-limited password that is generated and issued by an IT administrator. This password can then be used during setup or resetting existing accounts. The hope is that TAP will eventually be able to stop the use of persistent passwords within the corporate network entirely.

In terms of account recovery, TAP simplifies the process while keeping information secure by enabling users to reset passwords or change authentication methods without entering a password.

Azure AD Authentication for Servers

To increase cloud connectivity and simplify user management, Microsoft users can now use their Azure AD login credentials to log into their Azure Windows VM. This new functionality also supports integration with Conditional Access, RBAC, and PIM.

Users must have Windows Server 2019 to take advantage of this feature. Currently, the foundations used for server connectivity within Azure AD are not supported, although this may change in the future.

New Conditional Access Policies

To help companies improve cybersecurity, Microsoft has released new Conditional Access Policies (CAP) in Azure AD. These include:

  • Password Reset: If administrators discover a potential threat or suspicious logins, they can reset user passwords automatically. Additionally, if users request a password reset, administrators can request multi-factor authentication before the reset.
  • Register or join devices: To provide administrators with greater control over devices, Microsoft has increased the level of security and requirements surrounding device setup. For example, administrators can create CAPs that require users to set up MFA methods through the corporate network when adding or joining new devices.
  • Specific location: Previously, administrators could track company devices only by IP addresses, which is not always accurate. With the ‘Exact location’ policy, devices are tracked using GPS coordinates which provide a more accurate location.

New filtering capabilities in Microsoft UEM

When administrators create Caps within Azure AD, they can then use Microsoft UEM filters to see how policies, restrictions, and updates affect devices and users. Essentially, these filters provide administrators with greater visibility and control when setting a CAP.

For example, filters can be used to publish a new Android phone compliance policy to all employees within a company but exclude Android devices that do not support mobile compliance policy settings. The same can be done for iOS devices.

These new updates to Microsoft solutions are an important step forward in creating an easy-to-use and secure cloud environment and facing the uncertainty of the future with confidence.

Choose JourneyTEAM

Integrating new solutions into the existing technology suite can be complex and time-consuming-Consume. JourneyTEAM, a Microsoft Gold partner, lightens that burden by doing all the heavy lifting. We provide organizations with as much – or as little – support as needed when implementing Microsoft solutions. Contact a representative Today to get started.

Leave a Comment