A variety of methods exist to block access to a user’s Office 365 (Azure AD) account from a complete block to a conditional access policy. In this article, we examine the various methods and debate the worth of each approach. Conditional access policies are the cleanest and most effective long-term solution, but you need Azure AD premium licenses. If you don’t have those licenses, maybe one of the other approaches will work for you.
Using PowerShell to Manage Conditional Access (CA) Policies
Microsoft provides many methods to manage a tenant’s data and users. PowerShell is a powerful tool to manage resources, including Conditional Access Policies using a set of cmdlets in the AzureAD module. In this article, Microsoft MVP Damian Scoles reviews the eight PowerShell cmdlets and how to use them.
Azure Active Directory Premium – Where to Start
For many organizations it is not possible to implement and manage Office 365 to the level of security necessary without Azure AD Premium. It is also not possible to effectively deploy and consume the capabilities of Azure AD Premium all at once. Recommending a phased deployment approach, Brian Desmond walks you through implementation of the four most important features you should start with.
Multi-factor Authentication by Default for Administrators in Azure AD and Office 365
How the Azure Active Directory baseline security policy enforces multi-factor authentication for privileged administrator accounts in Office 365 and Azure AD.
Blocking IMAP, POP, and Other Legacy Applications From Office 365 Using Azure Active Directory Conditional Access
How to use Azure Active Directory conditional access policies to block legacy applications such as POP, IMAP, and basic authentication from connecting to Office 365.