Still in public preview, new application authentication method policies will help Microsoft 365 customers adhere to best practices for managing application credentials, while asserting pressure on ISVs to do the same. Going forward we can expect this to turn into a standard configuration, enforced across many organizations. To address the problem, Microsoft is ready to release a set of features to help. In this article, we introduce you to Azure AD application authentication method policies, one of the features in the set.
Many apps are created in the Azure AD for a tenant. Those apps have permissions to allow them to access data, and consent for those permissions are granted by administrators and users. How often do you check what apps are known in your Azure AD and what permissions those apps have? In this article, we review how to use the Graph API and PowerShell to create a report inventorying apps and permissions. What you do with that data is up to you!
The audit events generated for license assignments to user accounts available in the Azure AD audit log and Office 365 audit log are inconsistent and incomplete. This is certainly true for licenses assigned to accounts through auto-claim policies and group-based licensing, but known gaps exist in the audit records generated in other areas of Office 365 and Microsoft 365 functionality. We think Microsoft needs to pay attention to ensure that auditing works consistently and predictably across all workloads. Once they improve the fit and finish of audit record generation, they can move into other areas, like charging for access to high-value audit events.
While application access policies were a great step forward, they did not cover all scenarios, and Vasil does a great job at giving us a practical explanation.
Microsoft MVP Vasil Michev takes a deep dive into Microsoft's Project Moca tool.
Microsoft MVP Vasil Michev provides a detailed account of the latest Exchange Retention and Communication Compliance updates.
Back at Ignite 2019, Microsoft announced a few new compliance features under the Insider Risk Management “solution”. In this article, we’ll take a quick look at one of them – the Communication compliance feature. What is Communication compliance? Communication compliance is a set of controls designed to identify, collect, review and act upon offending instances […]
In Part Three, MVP Vasil Michev explores granting access to users from "connected" organizations and manage their lifecycle within your own directory.
Previously, MVP Vasil Michev discussed the concepts behind entitlement management. Now he's going into further detail about the user experience requesting access to a package.