{"id":24806,"date":"2019-01-30T17:00:12","date_gmt":"2019-01-30T17:00:12","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\/"},"modified":"2019-01-30T17:00:12","modified_gmt":"2019-01-30T17:00:12","slug":"step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\/","title":{"rendered":"Step 4. Set conditional access policies: top 10 actions to secure your environment"},"content":{"rendered":"<p><em>The \u201cTop 10 actions to secure your environment\u201d series outlines fundamental steps you can take with your investment in Microsoft 365 security solutions. In \u201cStep 4<\/em>. <em>Set conditional access policies,\u201d you\u2019ll learn how to control access to your apps and corporate resources using conditional access policies, and how these policies can block legacy authentication methods and control access to SaaS apps.<\/em><\/p>\n<p>In today\u2019s workplace, users can work from anywhere, on any device. Whether using a company-provided laptop at the office, working from home, traveling for business, or using a personal mobile phone, employees expect to seamlessly access what they need to get work done. While the need for productivity may not change with circumstances, the level of risk of each sign-in does. Not all devices, apps, or networks are equally secure, and hackers will exploit any vulnerability that will give them access to your users and resources. It is critical to safeguard your identities, but it is not enough. You also need flexible security policies that are responsive to conditions.<\/p>\n<h2>Set up Azure Active Directory (Azure AD) conditional access policies<\/h2>\n<p>Azure AD <a target=\"_blank\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/conditional-access\/overview\" rel=\"noopener\">conditional access<\/a> lets you apply security policies that are triggered automatically when certain conditions are met. You can block access if the data suggests the user has been compromised or if it\u2019s highly unlikely that the user would sign in under those conditions. You can enforce additional authentication requirements when the system detects a medium risk based on the sign-in conditions (see \u201cSign-in risk\u201d below).<\/p>\n<p>We recommend that you apply polices that are appropriate for your organization for the following conditions:<\/p>\n<ul>\n<li><strong>Users and user groups<\/strong>: To reduce the risk that sensitive data is leaked, define which users or user groups can access which applications or resources, paying careful attention to sources of highly sensitive information such as human resources or financial data.<\/li>\n<li><strong><a target=\"_blank\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/conditional-access\/conditions#sign-in-risk\" rel=\"noopener\">Sign-in risk<\/a><\/strong>: Azure AD machine learning algorithms evaluate every sign-in and give it a risk score of low, medium, or high depending on how likely it is that someone other than the legitimate owner of the account is attempting to sign in. Anyone with a medium risk should be challenged with Multi-Factor Authentication (MFA) at sign-in. If the sign-in is a high risk, access should be blocked. This condition requires Azure AD Identity Protection, which you can read about in <a target=\"_blank\" href=\"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/2019\/01\/16\/step-3-protect-your-identities-top-10-actions-to-secure-your-environment\/\" rel=\"noopener\">Step 3. Protect your identities<\/a>.<\/li>\n<li><strong><a target=\"_blank\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/conditional-access\/location-condition\" rel=\"noopener\">Location<\/a><\/strong>: A location can be risky if it\u2019s in a country with limited security policies or if the wireless network is unsecure or simply because it\u2019s not a location where the organization typically does business. You can modify access requirements for sign-ins from locations that are not on an IP safe list or that are risky for other reasons. Users accessing a service when they\u2019re off the corporate network should be required to use MFA.<\/li>\n<li><strong><a target=\"_blank\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/conditional-access\/conditions#device-platforms\" rel=\"noopener\">Device platform<\/a><\/strong>: For this condition, define a policy for each device platform that either blocks access, requires compliance with <a target=\"_blank\" href=\"https:\/\/www.microsoft.com\/en-us\/cloud-platform\/microsoft-intune\" rel=\"noopener\">Microsoft Intune<\/a> policies, or requires the device be domain joined.<\/li>\n<li><strong>Device state<\/strong>: Use this condition to define policies for unmanaged devices.<\/li>\n<li><strong><a target=\"_blank\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/conditional-access\/conditions#client-apps\" rel=\"noopener\">Client apps<\/a><\/strong>: Users can access many cloud apps using different app types such as web-based apps, mobile apps, or desktop apps. You can apply security policies if an access attempt is performed using a client app type that causes known issues, or you can require that only managed devices access certain app types.<\/li>\n<li><strong>Cloud apps<\/strong>: This condition specifies unique policies for sensitive apps. For example, you can require that HR apps like Workday are blocked if Azure AD detects a risky sign-in or if a user tries to access it with an unmanaged device.<\/li>\n<\/ul>\n<p>When a condition is met, you can choose what policy Azure AD will enforce:<\/p>\n<ul>\n<li>Require MFA to prove identity.<\/li>\n<li>Change the actions the user can take in cloud apps.<\/li>\n<li>Restrict access to sensitive data (for example: limit downloads or sharing functionality).<\/li>\n<li>Require a password reset.<\/li>\n<li>Block access.<\/li>\n<\/ul>\n<p>Once set, these policies will apply automatically without any manual intervention (Figure 1).<\/p>\n<p><a target=\"_blank\" href=\"https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2019\/01\/Step-4-Set-conditional-access-policies-1.png\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-88228 size-full\" src=\"https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2019\/01\/Step-4-Set-conditional-access-policies-1.png\" alt=\"\" width=\"1474\" height=\"707\" srcset=\"https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2019\/01\/Step-4-Set-conditional-access-policies-1.png 1474w, https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2019\/01\/Step-4-Set-conditional-access-policies-1-300x144.png 300w, https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2019\/01\/Step-4-Set-conditional-access-policies-1-768x368.png 768w, https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2019\/01\/Step-4-Set-conditional-access-policies-1-1024x491.png 1024w, https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2019\/01\/Step-4-Set-conditional-access-policies-1-330x158.png 330w, https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2019\/01\/Step-4-Set-conditional-access-policies-1-800x384.png 800w, https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2019\/01\/Step-4-Set-conditional-access-policies-1-400x192.png 400w\" sizes=\"auto, (max-width: 1474px) 100vw, 1474px\"\/><\/a><\/p>\n<p><em>Figure 1. Azure AD automatically applies the policies you set based on condition.<\/em><\/p>\n<h2>Block legacy authentication and control access to highly privileged accounts<\/h2>\n<p>Old apps that use a legacy authentication method, such as POP3, IMAP4, or SMTP clients, can increase your risk because they prevent Azure AD from doing an advanced security assessment and don\u2019t allow more modern forms of authentication, such as MFA. We recommend you use <a target=\"_blank\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/conditional-access\/conditions#legacy-authentication\" rel=\"noopener\">client application conditional access rules<\/a> (Figure 2) to block these apps entirely.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-88231 aligncenter\" src=\"https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2019\/01\/Step-4-Set-conditional-access-policies-2.png\" alt=\"\" width=\"312\" height=\"375\" srcset=\"https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2019\/01\/Step-4-Set-conditional-access-policies-2.png 312w, https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2019\/01\/Step-4-Set-conditional-access-policies-2-250x300.png 250w, https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2019\/01\/Step-4-Set-conditional-access-policies-2-208x250.png 208w, https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2019\/01\/Step-4-Set-conditional-access-policies-2-291x350.png 291w\" sizes=\"auto, (max-width: 312px) 100vw, 312px\"\/><\/p>\n<p><em>Figure 2. Apply conditional access rules to block client apps using legacy authentication methods.<\/em><\/p>\n<p>You can also use conditional access rules to reduce the risk that highly privileged accounts or service accounts are compromised. For example, if your HR system uses a service account to access the email account, you can make sure it can only run against the service from a specific IP at the appropriate time of day.<\/p>\n<h2>Enhance conditional access with Intune and Microsoft Cloud App Security<\/h2>\n<p>Azure AD integrates with <a target=\"_blank\" href=\"https:\/\/docs.microsoft.com\/en-us\/intune\/what-is-intune\" rel=\"noopener\">Intune<\/a>, so that conditional access policies can consider the Intune device state as part of the policy, letting you set access controls for devices that have old operating systems or other security vulnerabilities. You can also use conditional access in Intune to make sure that only apps managed by Intune can access corporate email or other Office 365 services. Azure AD will enforce these rules.<\/p>\n<p><a target=\"_blank\" href=\"https:\/\/docs.microsoft.com\/en-us\/cloud-app-security\/what-is-cloud-app-security\" rel=\"noopener\">Cloud App Security Conditional Access App Control<\/a> extends conditional access to your SaaS apps. You can block downloads from apps, limit activities in the app, monitor risky users, or block access to the app entirely.<\/p>\n<p>Once you have policies in place, we recommend that you use the <a target=\"_blank\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/conditional-access\/what-if-tool\" rel=\"noopener\">Azure AD What If tool<\/a> to simulate possible sign-in scenarios that your users may confront. The What If tool allows you to select a user, the app that user is trying to access, and the conditions of that sign-in to see which policies will apply. (Figure 3.) This step will give you a better sense of how your policies will impact your users. You can also check what policies do not apply to a specific scenario.<\/p>\n<p>One final precaution: Be sure to set up an exception group for each conditional access policy, so you don\u2019t lock yourself out.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-88234 aligncenter\" src=\"https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2019\/01\/Step-4-Set-conditional-access-policies-3.png\" alt=\"\" width=\"719\" height=\"514\" srcset=\"https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2019\/01\/Step-4-Set-conditional-access-policies-3.png 719w, https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2019\/01\/Step-4-Set-conditional-access-policies-3-300x214.png 300w, https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2019\/01\/Step-4-Set-conditional-access-policies-3-330x236.png 330w, https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/sites\/13\/2019\/01\/Step-4-Set-conditional-access-policies-3-400x286.png 400w\" sizes=\"auto, (max-width: 719px) 100vw, 719px\"\/><\/p>\n<p><em>Figure 3. The Azure AD What If tool gives you a better sense of how your policies will impact your users.<\/em><\/p>\n<p><strong>Learn more<\/strong><\/p>\n<p>Check back in a few weeks for our next blog post, \u201cStep 5. Set up mobile device management,\u201d where we\u2019ll dive into how to plan your Intune deployment and set up mobile device management as part of your Unified Endpoint Management strategy.<\/p>\n<p><strong>Get deployment help now<\/strong><\/p>\n<p>FastTrack for Microsoft 365 provides end-to-end guidance to set up your security products. FastTrack is a deployment and adoption service that comes at no charge with your subscription. <a target=\"_blank\" href=\"https:\/\/www.microsoft.com\/en-us\/fasttrack\/microsoft-365\/security\" rel=\"noopener\">Get started at FastTrack for Microsoft 365<\/a>.<\/p>\n<p><strong>Resources<\/strong><\/p>\n<p>READ MORE <a href=\"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/2019\/01\/30\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Top 10 actions to secure your environment series outlines fundamental steps you can take with your investment in Microsoft 365 security solutions. In Step 4. Set conditional access policies, youll learn how to control access to your apps and corporate resources using conditional access policies, and how these policies can block legacy authentication methods and control access to SaaS apps.<br \/>\nThe post Step 4. Set conditional access policies: top 10 actions to secure your environment appeared first on Microsoft Secure. READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":24807,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[276],"tags":[347],"class_list":["post-24806","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-secure","tag-cybersecurity"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Step 4. Set conditional access policies: top 10 actions to secure your environment 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Step 4. Set conditional access policies: top 10 actions to secure your environment 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2019-01-30T17:00:12+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1474\" \/>\n\t<meta property=\"og:image:height\" content=\"707\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Step 4. Set conditional access policies: top 10 actions to secure your environment\",\"datePublished\":\"2019-01-30T17:00:12+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\\\/\"},\"wordCount\":1146,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment.png\",\"keywords\":[\"Cybersecurity\"],\"articleSection\":[\"Microsoft Secure\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\\\/\",\"name\":\"Step 4. Set conditional access policies: top 10 actions to secure your environment 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment.png\",\"datePublished\":\"2019-01-30T17:00:12+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment.png\",\"width\":1474,\"height\":707},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cybersecurity\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/cybersecurity\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Step 4. Set conditional access policies: top 10 actions to secure your environment\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Step 4. Set conditional access policies: top 10 actions to secure your environment 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\/","og_locale":"en_US","og_type":"article","og_title":"Step 4. Set conditional access policies: top 10 actions to secure your environment 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2019-01-30T17:00:12+00:00","og_image":[{"width":1474,"height":707,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment.png","type":"image\/png"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Step 4. Set conditional access policies: top 10 actions to secure your environment","datePublished":"2019-01-30T17:00:12+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\/"},"wordCount":1146,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment.png","keywords":["Cybersecurity"],"articleSection":["Microsoft Secure"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\/","url":"https:\/\/www.threatshub.org\/blog\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\/","name":"Step 4. Set conditional access policies: top 10 actions to secure your environment 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment.png","datePublished":"2019-01-30T17:00:12+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/01\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment.png","width":1474,"height":707},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/step-4-set-conditional-access-policies-top-10-actions-to-secure-your-environment\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Cybersecurity","item":"https:\/\/www.threatshub.org\/blog\/tag\/cybersecurity\/"},{"@type":"ListItem","position":3,"name":"Step 4. Set conditional access policies: top 10 actions to secure your environment"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/24806","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=24806"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/24806\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/24807"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=24806"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=24806"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=24806"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}