Tag Archives: Entra

Microsoft enforces MFA requirements for user login to Azure portal for all tenants

Password spray attacks on accounts have increased rapidly in recent months. As a result, the security risks for accounts that do not use MFA for authentication have increased significantly. Microsoft works in the past on different ways to enable MFA for all users they work with Azure and Microsoft 365. One first try was the activation of security defaults, but this can be deactivated by user.

Based on this development and for other reason Microsoft announced the enforcement for Mutlifactor authentication for all sign-in/access to the Azure Portal. This announcement was a little suprise and bringe some challenges to organization espesically when we take a look at service principals and break glass accounts. Don´t get me wrong, it is mandatory to enable MFA for all users they access your tenant and have a valid and regulary reviewed Conditional Access policy in place. But for some special accounts this was not the focus or recommended. In this article I will explain how Microsoft rollouts this enforcement which steps you have to proof and how you can ensure that you are not affected or prepared for the upcoming changes.

Continue reading Microsoft enforces MFA requirements for user login to Azure portal for all tenants

Cloud Identity Summit 2023 Recap

Our 4th edition of the Cloud Identity Summit 2023 is over and it was a blast to meet all this great speaker and the Identity Community this year virtual and in-person in Koblenz.

This year we were kindly provided with the location by the Debeka Innovation Center (DICE) which is located near the University of Koblenz and close to the Moselle. The location is a designed as a open space to enable new thinking and new technologies which is a perfect match for our Cloud Identity Summit.

The 4th edition offered 10 sessions in two parall tracks, divided into Identity Security and Identity Management and it was really a pleasure to see this big identity experience in the different Identity topics on this day live at our conference. The speakers who made the extra journey to the event can certainly be called who as who of the identity scene. Therefore, at this point I would like to thank you explicitly, because without you this event would not have been possible:

  • Sefallah Tagrerout and Jean-Francois (Jeff) Aprea – Securing your Azure Ad with our Zero Trust Approach!
  • Jan Vidar Elven – Monitoring and Reporting on Activities and Security in Microsoft Entra Azure AD
  • Fabian Bader – From (tier) zero to cloud hero: How to pwn Azure AD from on-prem
  • Kenneth van Sarksum – Implementing and building advanced Microsoft Entra Id Conditional Access scenarios
  • Christopher Brumm – Walk the walk – explore ways to ensure strong authentication in real life scenarios
  • Sfefan van der Wiele – Walk the walk – explore ways to ensure strong authentication in real life scenarios
  • Daniel Krzyczkowski – The future of customer identity with Microsoft Entra
  • Nicki Borell – Azure AD Identity Governance – What do your users do with their access
  • Sander Berkouwer and Raymond Comvalius – Just apply the basics in your Azure AD tenant!
  • Anton Staykov – Seamless cross-tenant application access with Entra Azure AD Cross-Tenant sync

Koblenz is the hometown of Thomas Naunheim therefore we had also recommendations for sightseeing tips, city walks and Restaurants and start to meet the speaker on Wednesday in a Restaurant close to the Rhine and the Deutsche Eck (German Corner). After our great dinner, we made a short city walk to the Deutsche Eck and after this to a final beer for a good preperation for our conference on Thursday.

We started our hybrid conference a little late with a strong focus on the in-person experience and also broadcast the Sessions live to the world via teams.

In my estimation it was a complete success due to four factors:

  • Which is thanks to the great speakers who share their knowledge with great pleasure
  • The on-site participants who brought a lot of fun and made the sessions interactive, through their numerous questions
  • The great help of our team which made sure that the speakers and participants felt comfortable
  • Our great sponsors (adesso SE and glückkanja-gab AG) without whom this event would not have been possible for many reasons

We hope that the conference meet the expectations from our attendees and will plan for 2024 and we really want your Feedback for good and not so good thinks. The really goal of this conference it´s a conference from the community for the community. So gave us your feedback for a better Cloud Identity Summit in 2024!