There’s a lot of debate around the need to separate Microsoft 365 administrator accounts, especially when controls such as Privileged Identity Management exist within an organization. However, even with PIM there are remaining security concerns which necessitate the operation of separate accounts. This article explains the importance of using separate accounts; details how to target different Conditional Access policies for admin and user accounts and highlights how this approach increases your security posture and limits potential attack vectors against administrator accounts.
In the second iteration of a two-part series about FIDO2 and passwordless authentication, we walk you through how to facilitate your passwordless deployment for Azure AD identities. Once passwordless authentication is achieved, users can authenticate up to 3x faster and helpdesks should receive fewer requests for password resets, saving your organization time and money.
FIDO is an open industry alliance dedicated to helping the world move away from traditional passwords. In this article, we explore how the FIDO architecture works.