Thursday, July 22, 2021

Azure Identity Protection to protect your credentials

With Azure Identity Protection (Azure AD P2 feature), Azure provides necessary precautions to protect and safeguard identities. 

Some of the common risks with identities are

  • Leaked credentials
  • Malware linked IP addresses
  • Unfamiliar sign-in properties
  • and many more,
As you can assume, it is very difficult to manually monitor each and every corner of the internet to check our credentials are compromised.

As a remedy Microsoft provides us with Identity Protection feature which has an automated detection of identity based risks. 

Identity Protection will provide remediation using different policies. We have two main policies to support us.












User risk policy
Azure will identity user accounts that may have compromised credentials. Policies will define what actions to be performed for such accounts

Based on the severity of the user risk, Azure will classify the riskiness as low, medium and high.

Following is the approach to configure User risk policy

Step 1 : Select target users







  













Step 2 : Select the risk level




















Microsoft recommends to put the threshold to High.


Step 3 : Select the control





















According to this setting in above diagram, user access will be blocked.


Sign-in risk policy
Azure will identify suspicious sign-in attempts of users. Policies will define what actions to be performed for such accounts

Based on the severity of the user risk, Azure will classify the riskiness as low, medium and high.

Following is the approach to configure Sign-in risk policy

Step 1: Select target users





















Step 2 : Select the risk level





















Microsoft recommends to put the threshold to Medium and Above.


Step 3 : Select the control




















According to this setting in above diagram, user access will be blocked

After policies are set, administrators can refer various reports to obtain further insights.



No comments: