« Previous 1 2 3

Privileged Identity Management in Azure AD

Just Enough

Bottom Line

Especially for larger enterprises in which cloud services are managed by a group of admins and security is a top priority, PIM is worth a look.

MFA for administrative accounts should always be the first step toward securing privileged accounts; however, MFA does not provide protection against "accidental" administration or an attacker that hijacks a session after an MFA prompt, which is also valid for a few hours. PIM in AAD expands JIT and JEA, giving organizations more control over changes in AAD services and Azure resources.

The time limit on permissions can provide protection against the disease from which many Windows AD deployments still suffer today: a static, excessively long list of domain admins that is never tidied up and, in the worst case, contains accounts that are used for daily work, such as email and PowerPoint.

Infos

Two-man rule: https://en.wikipedia.org/wiki/Two-man_rule

« Previous 1 2 3

Buy this article as PDF

Express-Checkout as PDF

Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES

SUBSCRIPTIONS

Print Subs

Digisubs

TABLET & SMARTPHONE APPS

US / Canada

UK / Australia

Related content

Delegate and restrict authorizations in Azure AD
Azure AD is one of the most important authentication services for cloud environments. We show you how to delegate authorizations in Azure AD to ensure better security.

more »
Shadow admin permissions and your AWS account
Malicious attackers are trying to conquer your AWS castle in the cloud. To mount a strong defense, you'll need a deeper understanding of privilege escalation and shadow admin permissions.

more »
Monitor Active Directory with Azure AD Connect Health
Microsoft cloud service Azure Active Directory Connect Health supports monitoring of Active Directory, especially in large and distributed environments, but the tool is also useful for monitoring hybrid landscapes using Azure Active Directory.

more »
Private cloud with Microsoft Azure Stack
Azure Stack is an Azure extension that implements an on-premises data center for consistent hybrid cloud deployments.

more »
Identity Governance regulates access control in Azure AD
Azure Active Directory Identity Governance brings security processes to organizations with users who access resources or collaborate with partners in the cloud.

more »

comments powered by Disqus

Powered by eZ Publish™ CMS Open Source Web Content Management. Copyright © 1999-2014 eZ Systems AS (except where otherwise noted). All rights reserved.