{"id":39805,"date":"2021-03-02T14:00:25","date_gmt":"2021-03-02T14:00:25","guid":{"rendered":"https:\/\/www.microsoft.com\/security\/blog\/?p=92888"},"modified":"2021-03-02T14:00:25","modified_gmt":"2021-03-02T14:00:25","slug":"identity-at-microsoft-ignite-strengthening-zero-trust-defenses-in-the-era-of-hybrid-work","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/identity-at-microsoft-ignite-strengthening-zero-trust-defenses-in-the-era-of-hybrid-work\/","title":{"rendered":"Identity at Microsoft Ignite: Strengthening Zero Trust defenses in the era of hybrid work"},"content":{"rendered":"

We\u2019re now a year into our new reality, and two trends stand out. First, people need even more flexibility as we work, learn, and collaborate in a world without perimeters. And second, bad actors are getting even more sophisticated. They\u2019re adding new attack vectors and combining them in new creative ways, as we just saw with Solorigate<\/a>.<\/p>\n

In January, I shared our top five identity priorities for 2021<\/a> to help you strengthen security and accelerate your transition to the new hybrid work era. More than ever, organizations need to strengthen their defenses to give employees, partners, and customers the flexibility to work from anywhere using apps that live inside and outside the traditional corporate network perimeter. That\u2019s why Zero Trust<\/a>, a security strategy that combines maximum flexibility with maximum security, is so crucial.<\/p>\n

For IT pros and security professionals, the implementation of Zero Trust should be simple and straightforward. For users, it should never get in the way, and it should fit into familiar workflows and habits. This week, on the virtual Microsoft Ignite stage, I\u2019m announcing several Azure Active Directory (Azure AD) innovations that will help make life easier for you and your employees now\u2014and help you stay prepared for whatever comes next.<\/p>\n

Give your employees a secure and seamless user experience<\/h2>\n

As part of our commitment to making security as seamless as possible, passwordless authentication<\/a><\/strong> is now generally available for organizations to deploy at scale. Your IT admins, employees, and partners can benefit from increased security and simplicity<\/a>. We\u2019ve made it easy to roll out passwordless at scale with expanded policies that define which authentication methods specific users or groups can use. New reporting capabilities allow you to see the usage and adoption of passwordless authentication methods across your organization. To help you simplify and secure remote access, we\u2019ve also released the preview of Temporary Access Pass<\/a><\/strong>, a time-limited code used to set up and recover a passwordless credential.<\/p>\n

\"Azure<\/p>\n

Microsoft already has more than 200 million passwordless users across our consumer and enterprise services. We\u2019re excited to see even more customers adopting passwordless each day. Axiata Group is the first company in Southeast Asia to eliminate passwords for their employees. They went passwordless using Windows Hello for Business and the Microsoft Authenticator app. Abid Adam, group chief risk and compliance officer at Axiata Group said, \u201cRather than make their lives miserable with long passwords that create risk for the organization, we turned to biometrics. Now with Windows Hello, security is baked into our ecosystem, and we have better access to information with greater barriers to bad actors. It\u2019s a win-win for our security team, our employees, and the company.\u201d Similarly, in Europe, Ume\u00e5 municipality wanted to strengthen security and eliminate the use of passwords. With help from Onevinn and Yubico partners, they were able to roll out their first passwordless deployment in less than 10 days. Watch my interview on Microsoft Mechanics<\/a> to see passwordless in action.<\/p>\n

Going passwordless not only simplifies the user experience but also strengthens your security posture. And thanks to Azure AD Conditional Access<\/a>, you no longer need to request multifactor authentication every time someone accesses an app that touches sensitive data. Instead, you can step up authentication based on what the user is trying to do within the app\u2014for example, downloading a highly confidential document. With Azure AD Conditional Access authentication context<\/strong>, now in preview, you can move away from one-size-fits-all security and adopt more granular policies that protect resources with the right level of controls based on user actions or the data they are trying to access.<\/p>\n

\"Azure<\/p>\n

\n

Announcements<\/strong>:<\/p>\n