Presentation is loading. Please wait.

Presentation is loading. Please wait.

Microsoft 2016 1/3/2018 11:30 PM BRK3109 Deliver management and security at scale to Office 365 with Azure Active Directory Brjann Brekkan Principal Program.

Published byElla Morris Modified over 6 years ago

Similar presentations

Presentation on theme: "Microsoft 2016 1/3/2018 11:30 PM BRK3109 Deliver management and security at scale to Office 365 with Azure Active Directory Brjann Brekkan Principal Program."— Presentation transcript:

1 Microsoft 2016 1/3/ :30 PM BRK3109 Deliver management and security at scale to Office 365 with Azure Active Directory Brjann Brekkan Principal Program Manager Identity Products and Services © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2 Agenda Enterprise Mobility + Security Vision Identity for Office 365
Management and Security enhancements with Azure AD

3 Enterprise Mobility + Security
The Microsoft vision Identity Driven Security Users Devices Apps Data Managed Mobile Productivity Employees Business partners Customers Comprehensive Solution

4 Identity as the control plane
Build 2012 1/3/2018 Identity as the control plane Customers Partners Simple connection On-premises Other directories Windows Server Active Directory SaaS Azure Public cloud Cloud Self-service Single sign-on Microsoft Azure Active Directory

5 Azure Active Directory
Microsoft Confidential NDA Only 1/3/2018 Azure Active Directory 85% of Fortune 500 companies use Microsoft Cloud (Azure, O365, CRM Online, and PowerBI) Azure AD Directories >10 M More than 750 M user accounts on Azure AD Microsoft “Identity Management as a Service (IDaaS)” for organizations. Millions of independent identity systems controlled by enterprise and government “tenants.” Information is owned and used by the controlling organization—not by Microsoft. Born-as-a-cloud directory for Office 365. Extended to manage across many clouds. Evolved to manage an organization’s relationships with its customers/citizens and partners (B2C and B2B). 33,000 Enterprise Mobility + Security | Azure AD Premium enterprise customers >110k third-party applications used with Azure AD each month >1.3 billion authentications every day on Azure AD Every Office 365 and Microsoft Azure customer uses Azure Active Directory © 2015 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

6 Microsoft 2016 1/3/ :30 PM Health system uses cloud-based tools to boost mobility and improve quality of care St. Luke’s is establishing a vision for its 3,000 clinicians to be able to deliver a high standard of care in multiple mobile scenarios using a variety of devices. The health system maximizes the value of its Office 365 services by securing the devices that employees use to communicate and collaborate along with the data on them. “The Enterprise Mobility Suite helps us answer our security requirements.”   “We’ll use the Enterprise Mobility Suite for better-quality care through mobile access to healthcare content targeted to clinicians, support staff, and patients across our distributed health system. ” —Brett Taylor: Information Technology Director —St. Luke’s Health System © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

7 Must know about Identity in Office 365

8 Office 365 Identity Management Options
Cloud Managed Password Hash Sync  Federated Identity 3rd Party Federated Azure Active Directory Azure Active Directory Azure Active Directory Azure Active Directory Azure AD Connect Azure AD Connect Federation Provisioning Azure AD Connect sync AD FS Ping Federate Azure AD Connect sync On-Premises Identity On-Premises Identity On-Premises Identity Pros: No deployment time, No on-premises equipment. Cons: no SSO and Identity lifecycle integration with directory on premises Pros: Quick to deploy, same password as on-premises Cons: Currently Not Desktop SSO Pros: 3rd party tools and services pre-tested for basic auth scenarios with WS-Fed Cons: Second directory store in cloud. Multiple support channels Provisioning only using PowerShell and Graph API Pros: Windows Integrated Desktop SSO, Client access control, 3rd Party MFA integration. End to End ongoing, validation and support with Office 365 Cons: On premises deployment

9 Default Configuration: Password Hash Sync
1/3/2018 Default Configuration: Password Hash Sync User attributes are synchronized using Azure AD Connect, including a password hash; authentication is completed against Azure Active Directory *Preview: Single Sign On for synchronized AD users Azure Active Directory Identity synchronization with password (hash) sync End User Experience Sign on to AD and Azure AD required. Same password. * SSO for synchronized users provides seamless auth to Azure AD from domain joined PC Self Service Password Reset of AD password with Azure AD Premium IT Pro / Admin Experience Azure AD Connect is all you need * See session BRK3107 © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

10 Alternate Configuration: Federation to on premises
1/3/2018 Alternate Configuration: Federation to on premises Azure Active Directory User attributes are synchronized using Azure AD Connect; authentication is passed back through federation and completed against Windows Server Active Directory Identity synchronization AD FS End User Experience All authentication to on premises AD Seamless single sign on from domain joined PC’s Self Service Password Reset of AD password with Azure AD Premium IT Pro / Admin Experience Azure AD Connect AD FS and AD FS Proxy installed on premises Credentials not stored in Azure AD © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

11 *Preview functionality: Pass through to on premises
1/3/2018 *Preview functionality: Pass through to on premises Azure Active Directory User attributes are synchronized using identity synchronization tools; authentication passed on to on premises and completed against Windows Server Active Directory Identity synchronization Authentication Agent End User Experience All authentication to on premises AD Seamless single sign on from domain joined PC’s Self Service Password Reset of AD password with Azure AD Premium IT Pro / Admin Experience Azure AD Connect Authentication agent connects to Azure AD to handle auth to AD Credentials not stored in Azure AD * See session BRK3107 © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

12 What are organizations like you doing?

13 Synchronization - Snapshot from Dec 30 2015
8.2 M Directories , 550M users in Azure AD (as of 30 Dec 2015) Large directories account for 91% of all accounts 75% use a Microsoft sync solution (Azure AD Connect or its predecessors) 21% use PowerShell or the Office365/Azure Admin portal. 3% use a 3rd party cloud service 1% use a homegrown or custom solution 24K directories were using Azure AD Connect just 6 months after its release Every month more organizations started using Azure AD Connect than the total number of organizations who have ever used a third party sync solution with Azure AD and Office 365.

14 Authentication – Snapshot from Dec 30 2015
1.3B daily authentications 43% are cloud only and completed directly by Azure AD (down from 56% in March 2015). 36% are federated and completed by an ADFS server at a customer site (up from 32% in March 2015). 17% are completed using a password hash that was synced from on-premises to the cloud using AAD Connect or one of its predecessors (up from 7% in March 2015). 1% are completed by a syndication partner (large companies who resell Microsoft services) Just under 1% are completed by a 3rd party federation server (i.e. Ping Federate, CA Site Minder, etc.) Just under 1% are completed by a 3rd party identity service (a company like Centrify, Okta, OneLogin, etc.) The remaining 1% are completed by a custom or open source identity server

15 FAQ - Identities In Office 365
Q. Do I need more than one Azure AD if I have more than one AD on premises? No, Multiple AD Forests can be connected to one Azure AD Highly recommended to not have multiple tenants for same organization Q. Can I have multiple domains in same Office 365 / Azure AD? Yes, one Azure AD tenants supports hundreds of unique domain names Q. Can I have a mix of cloud only accounts and on premises synchronized accounts? Yes, can mix both on premises and cloud only Q. Can I use other tools than Azure AD Connect to synchronize? Yes, tools using PowerShell and Graph API supports Create, Update, Delete of users and groups Azure AD Connect is integrated with Office 365 services and applications so only tool that supports hybrid environments

16 Management and Security enhancements with Azure AD

17 EM+S Better together with Office 365
EMS Overview 1/3/2018 EM+S Better together with Office 365 Identity and access management Managed mobile productivity Information protection Identity-driven security Enterprise Mobility + Security Azure AD for O365 + Single sign-on for all apps Conditional Access, Advanced MFA Self-service group management & password reset & write back Dynamic Groups, Group based licensing assignment Advanced security reports MDM for O365 + PC management Mobile app management (prevent cut/copy/paste/save as from corporate apps to personal apps) Secure content viewers Certificate provisioning System Center integration RMS for O365 + Automated intelligent classification and labeling of data Tracking and notifications for shared documents Protection for on-premises Windows Server file shares Cloud App Security Visibility and control for all cloud apps Advanced Threat Analytics Identify advanced threats in on premises identities Azure AD Premium P2 Risk based conditional access Basic identity mgmt via Azure AD for O365: Single sign-on for O365 Basic multi-factor authentication (MFA) for O365 MFA for Administrators Basic mobile device management via MDM for O365 Device settings management Selective wipe Built into O365 management console RMS protection via RMS for O365 Protection for content stored in Office (on-premises or O365) Access to RMS SDK Bring your own key Advanced Security Management Insights into suspicious activity in Office 365 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, Surface and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

18 Identity and access management in the cloud
Enable business without borders Manage access at scale Cloud-powered protection 1000s of apps, 1 identity Provide one persona to the workforce for SSO to 1000s of cloud and on-premises apps Stay productive with universal access to every app and collaboration capability Manage identities and access at scale in the cloud and on-premises Ensure user and admin accountability with better security and governance Cloud-connected seamless authentication experience Single sign-on to 1000s pre- integrated apps/ Your own apps Secure remote access to on-premises apps SSO to mobile apps Support for lift-and-shift to the cloud Ease of use for end users / Integration with Office Cross-organization collaboration Any time, any place productivity with Windows 10 Support for consumer facing applications Advanced user lifecycle management Low IT overhead Monitor your identity bridge Control access to resources Safeguard user authentication Respond to advanced threats with risk-based policies and monitoring Mitigate administrative risks Governance of on-premises and cloud identities

19 End User Experiences With Azure AD
Don’t have to call helpdesk as often Reset password and unlock user account on premises I can request access to new applications Can add applications to my launcher Quickly get connected and productive with new device or PC Can create and manage both Office 365 Groups and Security Groups Simplifies my daily work My Office 365 Groups available and can be used on-premises Can integrate other SaaS and on-premises applications into Office launcher Don’t need to launch VPN to get access to main web apps on premises Single Sign on and single multifactor service across cloud and on premises My Identity is protected against fraudulent activities

20 Administrative Tasks Add Azure AD Premium Office 365 Only Manage users
Password Writeback to AD MFA for All apps SSO to other SaaS and On-premises apps Manage Groups Dynamic membership Writeback O365 Groups to AD Manage access, provisioning to apps Licensing Office 365 Selective licensing Dynamic Groups Operating identity bridge Azure AD Connect Health Office 365 Only Manage Users Cloud Only users PowerShell and API Synchronized users Password Reset of cloud users Manage Groups DL and Security Groups Manual member management Synchronize groups from On-Prem Assign Licensing Portal PowerShell

21 Single sign-on to any app
Windows Server Management Marketing 1/3/2018 Single sign-on to any app Microsoft Azure OTHER DIRECTORIES 2600+ pre-integrated popular SaaS apps and self-service integration via templates Connect and sync on-premises directories with Azure Easily publish on-premises web apps via Application Proxy + custom apps Web apps (Azure Active Directory Application Proxy) Integrated custom apps SaaS apps © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

22 Identity-driven security
1/3/ :30 PM Identity-driven security User Actions Conditions User, App sensitivity Allow access or Device state Enforce MFA per user/per app Location MFA Risk Block access © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

23 Microsoft Envision 2016 1/3/ :30 PM Replacing RSA Authentication Manager with Azure Multi-Factor Authentication in Microsoft Enterprise Mobility Suite means we don’t have to maintain infrastructure to make it work. It’s also more flexible with the kinds of devices and type of authentication that is possible, and the option of having per-application MFA with conditional access.” Joseph Nguyen //Systems Administrator Just Energy © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

24 Azure Multifactor Authentication
Mobile apps Phone calls Text messages

25 Privileged Identity Management
CLOUD-POWERED PROTECTION Global Administrator Billing Administrator Exchange Administrator User Administrator Password Administrator Privileged Identity Management Discover, restrict, and monitor privileged identities Enforce on-demand, just-in-time administrative access when needed Provides more visibility through alerts, audit reports and access reviews

26 Azure Active Directory Identity Protection
Windows Server Management Marketing 1/3/2018 Azure Active Directory Identity Protection Use the power of Identity Protection in PowerBI, SIEM and other monitoring tools Infected devices Leaked credentials Configuration vulnerabilities Brute force attacks Suspicious sign-in activities Security/Monitoring/Reporting Solutions Notifications Data Extracts/Downloads Power BI SIEM Monitor Tools Reporting APIs Apply Microsoft learnings to your existing security tools Microsoft machine - learning engine © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

27 Demos - Extend and Enhance Office 365
Microsoft 2016 1/3/ :30 PM Demos - Extend and Enhance Office 365 End User experiences Access apps from Office Protected access to SharePoint Online Extend to other SaaS Administrative experiences Conditional Access Access On Premises SharePoint setup *Assigning licenses to users * Upcoming Preview feature © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

28 Identity and access management in the cloud
Enable business without borders Manage access at scale Cloud-powered protection 1000s of apps, 1 identity Provide one persona to the workforce for SSO to 1000s of cloud and on-premises apps Stay productive with universal access to every app and collaboration capability Manage identities and access at scale in the cloud and on-premises Ensure user and admin accountability with better security and governance Cloud-connected seamless authentication experience Single sign-on to 1000s pre- integrated apps/ Your own apps Secure remote access to on-premises apps SSO to mobile apps Support for lift-and-shift to the cloud Ease of use for end users /Integration with Office Cross-organization collaboration Any time, any place productivity with Windows 10 Support for consumer facing applications Advanced user lifecycle management Low IT overhead Monitor your identity bridge Control access to resources Safeguard user authentication Respond to advanced threats with risk-based policies and monitoring Mitigate administrative risks Governance of on-premises and cloud identities

29 Build 2012 Azure Active Directory Free Azure Active Directory Basic Azure Active Directory Premium Office 365 apps only Common features Directory as a service 500,000 object limit No object limit No object limit for Office 365 user accounts User/group management (add/update/delete)/user-based provisioning, device registration, User-based access management/provisioning, Basic Security/usage reports Yes Singe Sign On 10 apps per user (pre-integrated SaaS and developer-integrated apps) 10 apps per user (free tier + Application proxy apps) No limit (free, Basic tiers + Self-Service App Integration templates) 10 apps per user (pre-integrated SaaS and developer-integrated apps) Self-service password change for cloud users Connect (sync engine that extends on-premises directories to Azure Active Directory) Premium+ basic features Group-based access management/provisioning – Provisioning customization Self-service password reset for cloud users Company branding (logon pages/access panel customization) Application Proxy SLA Premium features Self-Service Group and app Management/Self-Service application additions/ Dynamic Groups P1,P2 Self-service password reset/change/account unlock with on-premises write-back Advanced usage reporting Multi-factor authentication (cloud and on-premises (MFA server)) Limited cloud only for Office 365 apps MIM CAL + MIM server Cloud app discovery Automated password rollover Connect Health Conditional Access (User, Application, Location, Device rules) Identity Protection P2 Privileged Identity Management Azure Active Directory editions GA feature comparison + Office 365 IAM features 1/3/2018 Azure Active Directory Join – Windows 10 only related features Join a device to Azure AD, Desktop SSO, Microsoft Passport for Azure AD, Administrator Bitlocker recovery Yes MDM auto-enrolment, Self-Service Bitlocker recovery, Additional local administrators to Windows 10 devices via Azure AD Join, Enterprise State Roaming © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

30 Identity and Access Management Sessions
1/3/ :30 PM Monday 02:15: BRK2139 Protect your business and empower your users with cloud Identity and Access Management Tuesday 12:30: BRK3107 Connect your on-premises directories to Azure AD and use one identity for all your apps 02:15: BRK3225 Secure access to Office 365, SaaS, and on-premises apps and files with Azure AD and Intune 02:15: BRK3019 Manage Office 365 Groups 04:30: BRK3109 Deliver management and security at scale to Office 365 with Azure Active Directory Wednesday 09:00: BRK3111 Manage productivity at scale with Azure Active Directory 11:30: BRK2170 Learn how Unilever modernized IT with Azure Active Directory at the core 02:15: BRK3139 Throw away your DMZ – Azure Active Directory Application Proxy deep-dive 04:00: BRK3181 Secure your web applications with Microsoft identity Thursday 09:00: BRK3252 Use managed domain services on Microsoft Azure 12:30: BRK3182 Secure your native and mobile applications with Microsoft identity and application management 02:15: BRK3110 Respond to advanced threats before they start - identity protection at its best! 04:00: BRK3179 Modernize your app’s consumer identity management with Azure AD B2C 04:30: BRK2067 Manage access to SaaS Applications With Azure Active Directory Friday 09:00: BRK3074 Discover what’s new in Active Directory Federation and Domain Services in Windows Server 2016 10:45: BRK3108 Share corporate resources with your partners using Azure AD B2B collaboration 12:30: BRK3330 Join your Windows 10 devices to Azure AD for anywhere, anytime productivity © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

31 Keep going… Try Enterprise Mobility + Security for free, today:
Read the CIO’s guide to Azure Active Directory Explore Identity + Access Management Learn more from the Azure AD documentation library Discover Password best practices Check out the new Azure AD webinars Microsoft is a leader in Gartner's IDaaS MQ 2016 Playbook with guidelines on enabling Azure AD Premium

32 Free IT Pro resources To advance your career in cloud technology
Microsoft Ignite 2016 1/3/ :30 PM Free IT Pro resources To advance your career in cloud technology Plan your career path Microsoft IT Pro Career Center Cloud role mapping Expert advice on skills needed Self-paced curriculum by cloud role $300 Azure credits and extended trials Pluralsight 3 month subscription (10 courses) Phone support incident Weekly short videos and insights from Microsoft’s leaders and engineers Connect with community of peers and Microsoft experts Get started with Azure Microsoft IT Pro Cloud Essentials Demos and how-to videos Microsoft Mechanics Connect with peers and experts Microsoft Tech Community © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

33 Please evaluate this session
1/3/ :30 PM Please evaluate this session Your feedback is important to us! From your PC or Tablet visit MyIgnite at From your phone download and use the Ignite Mobile App by scanning the QR code above or visiting © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

34

35 Azure MFA vs. MFA for Office 365
Build 2012 1/3/2018 CLOUD-POWERED PROTECTION Azure MFA vs. MFA for Office 365 MFA for Office 365/Azure Administrators Azure Multi-Factor Authentication Administrators can enable/enforce MFA to end users Yes Use mobile app (online and OTP) as second authentication factor Use phone call as second authentication factor Use SMS as second authentication factor Application passwords for non-browser clients (e.g., Outlook, Lync) Default Microsoft greetings during authentication phone calls Suspend MFA from known devices Custom greetings during authentication phone calls Fraud alert MFA SDK Security reports MFA for on-premises applications/ MFA server One-time bypass Block/Unblock users Customizable caller ID for authentication phone calls Event confirmation Trusted IPs © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Download ppt "Microsoft 2016 1/3/2018 11:30 PM BRK3109 Deliver management and security at scale to Office 365 with Azure Active Directory Brjann Brekkan Principal Program."

Similar presentations

Power BI Sites and Mobile BI. What You Will Learn Sharing and Collaboration Introducing Power BI Exploring Power BI Features and Services Partner Opportunities.

Power BI Sites and Mobile BI. What You Will Learn Sharing and Collaboration Introducing Power BI Exploring Power BI Features and Services Partner Opportunities.
Access and Information Protection Product Overview Andrew McMurray Technical Evangelist – Windows Infra @MaccaMSOz.

Access and Information Protection Product Overview Andrew McMurray Technical Evangelist – Windows
Craig Pringle & Derek Moir

Craig Pringle & Derek Moir
Recording Brief EMS Partner Bootcamp Variables Values Module Title

Recording Brief EMS Partner Bootcamp Variables Values Module Title
Active Directory Modernization Technical competitive comparison

Active Directory Modernization Technical competitive comparison
Identity & Access Management for a cloud-first, mobile-first world

Identity & Access Management for a cloud-first, mobile-first world
2/20/2018 7:04 PM BRK1038 Meet Azure Information Protection customers and learn about their success stories Jeffrey Kalfut Strategy & Architecture Manager,

2/20/2018 7:04 PM BRK1038 Meet Azure Information Protection customers and learn about their success stories Jeffrey Kalfut Strategy & Architecture Manager,
The time to address enterprise mobility is now

The time to address enterprise mobility is now
Deployment Planning Services

Deployment Planning Services
Azure Information Protection

Azure Information Protection
Deployment Planning Services

Deployment Planning Services
Microsoft Ignite 2016 4/27/2018 9:00 AM THR2016

Microsoft Ignite /27/2018 9:00 AM THR2016
Recording Brief EMS Partner Bootcamp Variables Values Module Title

Recording Brief EMS Partner Bootcamp Variables Values Module Title
Microsoft Ignite 2016 5/17/ :48 AM BRK3330

Microsoft Ignite /17/ :48 AM BRK3330
Examine information management in Cortana Intelligence

Examine information management in Cortana Intelligence
5/21/2018 9:40 PM BRK3021 Learn about modern infrastructure roles in RDS: Next generation Windows desktop & app virtualization Clark Nicholson - Principal.

5/21/2018 9:40 PM BRK3021 Learn about modern infrastructure roles in RDS: Next generation Windows desktop & app virtualization Clark Nicholson - Principal.
5/22/2018 1:39 AM BRK2156 Power BI Report Server: Self-service BI and enterprise reporting on-premises Christopher Finlan Senior Program Manager © Microsoft.

5/22/2018 1:39 AM BRK2156 Power BI Report Server: Self-service BI and enterprise reporting on-premises Christopher Finlan Senior Program Manager © Microsoft.
Identity & Access Management for a cloud-first, mobile-first world

Identity & Access Management for a cloud-first, mobile-first world
Deployment Planning Services

Deployment Planning Services
Microsoft 2016 6/4/2018 8:21 AM BRK3082 Build solutions and apps with Microsoft OneDrive API and Microsoft Graph API Ryan Gregg Principal Program Manger,

Microsoft /4/2018 8:21 AM BRK3082 Build solutions and apps with Microsoft OneDrive API and Microsoft Graph API Ryan Gregg Principal Program Manger,

Similar presentations

Ads by Google