{"id":2166,"date":"2023-11-07T10:16:44","date_gmt":"2023-11-07T09:16:44","guid":{"rendered":"https:\/\/www.ituziast.com\/?p=2166"},"modified":"2024-03-21T10:10:15","modified_gmt":"2024-03-21T09:10:15","slug":"unleashing-the-superheroes-of-security-automatic-conditional-access-policies","status":"publish","type":"post","link":"https:\/\/www.ituziast.com\/index.php\/2023\/11\/07\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\/","title":{"rendered":"Unleashing the Superheroes of Security: Automatic Conditional Access Policies"},"content":{"rendered":"\n<h3 class=\"wp-block-heading\">The magic of automation: How to set up Conditional Access Policies without lifting a finger<\/h3>\n\n\n\n<p>These policies streamline identity protection, providing a more comprehensive security framework for users. Conditional Access presents a robust solution, but we do need guidance on creating and deploying policies that suit unique needs. Microsoft&#8217;s managed Conditional Access policies are here to meet those demands.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>It was already announced on the Microsoft Security blog:<\/p>\n<cite><a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/11\/06\/automatic-conditional-access-policies-in-microsoft-entra-streamline-identity-protection?WT.mc_id=ES-MVP-5002880\" target=\"_blank\" rel=\"noreferrer noopener\">Automatic Conditional Access policies in Microsoft Entra streamline identity protection | Microsoft Security Blog<\/a><\/cite><\/blockquote>\n\n\n\n<h3 class=\"wp-block-heading\">How it started<\/h3>\n\n\n\n<p>In the early days of cloud identity, implementing MFA was a complex process involving vendor selection, service configuration, and user persuasion. Microsoft later simplified this by making MFA the default for consumer accounts in 2013 and for enterprise accounts in 2019 with Security Defaults.<\/p>\n\n\n\n<p>These basic controls included:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/learn.microsoft.com\/entra\/fundamentals\/security-defaults#require-all-users-to-register-for-azure-ad-multifactor-authentication?WT.mc_id=ES-MVP-5002880\" target=\"_blank\" rel=\"noreferrer noopener\">Requiring all users to register for multifactor authentication<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/learn.microsoft.com\/entra\/fundamentals\/security-defaults#require-administrators-to-do-multifactor-authentication?WT.mc_id=ES-MVP-5002880\" target=\"_blank\" rel=\"noreferrer noopener\">Requiring administrators to do multifactor authentication<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/fundamentals\/security-defaults#require-users-to-do-multifactor-authentication-when-necessary?WT.mc_id=ES-MVP-5002880\" target=\"_blank\" rel=\"noreferrer noopener\">Requiring users to do multifactor authentication when necessary<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/fundamentals\/security-defaults#block-legacy-authentication-protocols?WT.mc_id=ES-MVP-5002880\" target=\"_blank\" rel=\"noreferrer noopener\">Blocking legacy authentication protocols<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/fundamentals\/security-defaults#protect-privileged-activities-like-access-to-the-azure-portal?WT.mc_id=ES-MVP-5002880\" target=\"_blank\" rel=\"noreferrer noopener\">Protecting privileged activities like access to the Azure portal<\/a><\/li>\n<\/ul>\n\n\n\n<p>This approach led to a significant reduction in account compromises, thanks to increased multi-factor authentication (MFA) usage. It did help, but requiring Administrators to use MFA, complicated the usage of <a href=\"https:\/\/learn.microsoft.com\/entra\/identity\/role-based-access-control\/security-emergency-access?WT.mc_id=ES-MVP-5002880#create-emergency-access-accounts\" target=\"_blank\" rel=\"noreferrer noopener\">emergency access account admins <\/a>. We recommend excluding them from any MFA and\/or Conditional Access policy. With Security Defaults, this was not possible.<\/p>\n\n\n\n<p>It did provide security hardening of existing and\/or future tenants, with <a href=\"https:\/\/learn.microsoft.com\/entra\/fundamentals\/whatis?WT.mc_id=ES-MVP-5002880#what-are-the-microsoft-entra-id-licenses\" target=\"_blank\" rel=\"noreferrer noopener\">free license<\/a> for Microsoft Entra ID.<\/p>\n\n\n\n<p>Conditional Access Policies provided finer control, and this functionality was exclusively available to users holding a Microsoft Entra ID Premium license.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img decoding=\"async\" src=\"https:\/\/cdn-dynmedia-1.microsoft.com\/is\/image\/microsoftcorp\/Blade009_How_2400x1000_1x?resMode=sharp2&amp;op_usm=1.5,0.65,15,0&amp;wid=1920&amp;qlt=85&amp;fit=constrain\" alt=\"Picture showing how conditional access works\" class=\"no-lazyload\" \/><figcaption class=\"wp-element-caption\">How conditional access works<\/figcaption><\/figure>\n<\/div>\n\n\n<p>At its core, Conditional Access Policies are akin to basic if-then statements: when a user seeks access to a resource, a specific action becomes a prerequisite. For example, when a user wishes to access an application or service like Microsoft 365, they must complete MFA to secure their access.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">How it is going<\/h3>\n\n\n\n<p>Now, the next step in this journey involves the automatic deployment of Microsoft-managed Conditional Access policies. These policies offer straightforward, self-deploying recommendations, allowing You to adjust or disable them as needed, making them accessible to organizations of all sizes and complexities. While tailored policies for specific organizations will become available over time, the initial focus is on simplicity. Given the importance of MFA for enhancing identity security, the first three policies reflect that, as outlined in the table below:<\/p>\n\n\n\n<figure class=\"wp-block-table is-style-stripes\"><table><thead><tr><th class=\"has-text-align-left\" data-align=\"left\"><strong>Policy Name<\/strong>*<\/th><th class=\"has-text-align-left\" data-align=\"left\"><strong>Aimed at<\/strong><\/th><th class=\"has-text-align-left\" data-align=\"left\"><strong>What it does<\/strong><\/th><\/tr><\/thead><tbody><tr><td class=\"has-text-align-left\" data-align=\"left\"><a href=\"https:\/\/learn.microsoft.com\/entra\/identity\/conditional-access\/howto-conditional-access-policy-admin-mfa?WT.mc_id=ES-MVP-5002880\" target=\"_blank\" rel=\"noreferrer noopener\">Require MFA for admin portals<\/a><\/td><td class=\"has-text-align-left\" data-align=\"left\">All customers<\/td><td class=\"has-text-align-left\" data-align=\"left\">This policy encompasses the high-and-mighty admin roles and mandates the use of MFA whenever an admin logs into a Microsoft admin portal.<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\"><a href=\"https:\/\/learn.microsoft.com\/entra\/identity\/conditional-access\/managed-policies?WT.mc_id=ES-MVP-5002880#multifactor-authentication-for-per-user-multifactor-authentication-users\" target=\"_blank\" rel=\"noreferrer noopener\">Require MFA for per-user authentication<\/a><\/td><td class=\"has-text-align-left\" data-align=\"left\">Existing per-user MFA customers<\/td><td class=\"has-text-align-left\" data-align=\"left\">This policy is tailored for users equipped with per-user MFA, making it mandatory for all cloud applications. It facilitates organizations in their shift towards Conditional Access.<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\"><a href=\"https:\/\/learn.microsoft.com\/entra\/identity\/conditional-access\/managed-policies?WT.mc_id=ES-MVP-5002880#multifactor-authentication-and-reauthentication-for-risky-sign-ins\" target=\"_blank\" rel=\"noreferrer noopener\">Require MFA for high-risk sign-ins<\/a><\/td><td class=\"has-text-align-left\" data-align=\"left\">Microsoft Entra ID Premium Plan 2 customers<\/td><td class=\"has-text-align-left\" data-align=\"left\">This policy extends to all users, necessitating both MFA and re-authentication during sign-ins deemed high-risk.<\/td><\/tr><\/tbody><\/table><figcaption class=\"wp-element-caption\">(* The documentation is not fully updated yet.)<\/figcaption><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>The first policy introduces one very important change, since this feature was only available for Microsoft Entra ID Premium Plan 1 and 2. While opting out is possible, Microsoft will increasingly require MFA for specific interactions. They already do, for certain Microsoft 365 and Azure management scenarios, access to <a href=\"https:\/\/partner.microsoft.com\/en-US\/\" target=\"_blank\" rel=\"noreferrer noopener\">Partner Center<\/a>, and <a href=\"https:\/\/learn.microsoft.com\/mem\/intune\/fundamentals\/deployment-guide-enrollment?WT.mc_id=AZ-MVP-5002880\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Intune device enrollment<\/a>.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img decoding=\"async\" src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/10\/MMPScreenshot-2048x793.webp\" alt=\"Screenshot of Microsoft managed Conditional Access policy, as shown in the portal. IT contains information for customization\" class=\"no-lazyload\" \/><figcaption class=\"wp-element-caption\">Microsoft managed policy (customization)<\/figcaption><\/figure>\n<\/div>\n\n\n<p>You can easily monitor these policies through the new policy view user interface, which offers a summary of the policy, alerts, recommended actions, and an impact summary. Customization options are available, allowing the exclusion of users, groups, or roles as exceptions, including emergency and break glass accounts. For more extensive customization&#8217;s, policy cloning is an option, enabling as many changes as needed.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">What\u2019s next<\/h3>\n\n\n\n<p>The gradual rollout of these policies to all eligible tenants will commence in mid-November, and advance notification will be provided. Upon visibility in Your tenants, you will have a 90-day window to review, customize, or disable these policies before they become active. During this period, the policies will operate in report-only mode, logging policy results without enforcing them.<\/p>\n\n\n\n<p>Furthermore, these policies will continue to evolve, with the goal of integrating machine learning-based policy insights and recommendations with automated policy deployment.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Additional links<\/h3>\n\n\n\n<p><a href=\"https:\/\/learn.microsoft.com\/office365\/servicedescriptions\/azure-active-directory?WT.mc_id=ES-MVP-5002880\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Entra ID service description (formerly Azure Active Directory)<\/a><br><a href=\"https:\/\/learn.microsoft.com\/entra\/identity\/conditional-access\/concept-conditional-access-policy-common?WT.mc_id=ES-MVP-5002880\" target=\"_blank\" rel=\"noreferrer noopener\">Common Conditional Access Policies<\/a><br><a href=\"https:\/\/learn.microsoft.com\/entra\/id-protection\/concept-identity-protection-risks?WT.mc_id=ES-MVP-5002880\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Entra ID &#8211; Risk Detection<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<div class=\"mh-excerpt\">The magic of automation: How to set up Conditional Access Policies without lifting a finger These policies streamline identity protection, providing a more comprehensive security framework for users. Conditional Access presents a robust solution, but <a class=\"mh-excerpt-more\" href=\"https:\/\/www.ituziast.com\/index.php\/2023\/11\/07\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\/\" title=\"Unleashing the Superheroes of Security: Automatic Conditional Access Policies\">[&#8230;]<\/a><\/div>\n","protected":false},"author":2,"featured_media":1082,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17,63],"tags":[194,12,191,192,105,102,193,15],"coauthors":[],"class_list":{"0":"post-2166","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-azure","8":"category-cloud","9":"tag-authentication","10":"tag-azure","11":"tag-conditional-access","12":"tag-mfa","13":"tag-microsoft-365","14":"tag-microsoft-azure","15":"tag-multi-factor","16":"tag-security"},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\r\n<title>Unleashing the Superheroes of Security: Automatic Conditional Access Policies - ITuziast<\/title>\r\n<meta name=\"description\" content=\"The magic of automation: How to set up Conditional Access Policies without lifting a finger These policies streamline identity protection, providing a\" \/>\r\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\r\n<link rel=\"canonical\" href=\"https:\/\/www.ituziast.com\/index.php\/2023\/11\/07\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\/\" \/>\r\n<meta property=\"og:locale\" content=\"en_US\" \/>\r\n<meta property=\"og:type\" content=\"article\" \/>\r\n<meta property=\"og:title\" content=\"Unleashing the Superheroes of Security: Automatic Conditional Access Policies - ITuziast\" \/>\r\n<meta property=\"og:description\" content=\"The magic of automation: How to set up Conditional Access Policies without lifting a finger These policies streamline identity protection, providing a\" \/>\r\n<meta property=\"og:url\" content=\"https:\/\/www.ituziast.com\/index.php\/2023\/11\/07\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\/\" \/>\r\n<meta property=\"og:site_name\" content=\"ITuziast\" \/>\r\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ITuziast\" \/>\r\n<meta property=\"article:author\" content=\"https:\/\/bsky.app\/profile\/grozdanovd.bsky.social\" \/>\r\n<meta property=\"article:published_time\" content=\"2023-11-07T09:16:44+00:00\" \/>\r\n<meta property=\"article:modified_time\" content=\"2024-03-21T09:10:15+00:00\" \/>\r\n<meta property=\"og:image\" content=\"https:\/\/www.ituziast.com\/wp-content\/uploads\/2020\/12\/cyber-security-digital-data-protection-concept_31965-4040.jpg\" \/>\r\n\t<meta property=\"og:image:width\" content=\"626\" \/>\r\n\t<meta property=\"og:image:height\" content=\"300\" \/>\r\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\r\n<meta name=\"author\" content=\"Dimitar Grozdanov\" \/>\r\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\r\n<meta name=\"twitter:creator\" content=\"@grozdanovd\" \/>\r\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Dimitar Grozdanov\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\r\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.ituziast.com\\\/index.php\\\/2023\\\/11\\\/07\\\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.ituziast.com\\\/index.php\\\/2023\\\/11\\\/07\\\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\\\/\"},\"author\":{\"name\":\"Dimitar Grozdanov\",\"@id\":\"https:\\\/\\\/www.ituziast.com\\\/#\\\/schema\\\/person\\\/8596bb127b83987935c0355c8ed6130c\"},\"headline\":\"Unleashing the Superheroes of Security: Automatic Conditional Access Policies\",\"datePublished\":\"2023-11-07T09:16:44+00:00\",\"dateModified\":\"2024-03-21T09:10:15+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.ituziast.com\\\/index.php\\\/2023\\\/11\\\/07\\\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\\\/\"},\"wordCount\":730,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.ituziast.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.ituziast.com\\\/index.php\\\/2023\\\/11\\\/07\\\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.ituziast.com\\\/wp-content\\\/uploads\\\/2020\\\/12\\\/cyber-security-digital-data-protection-concept_31965-4040.jpg\",\"keywords\":[\"Authentication\",\"Azure\",\"Conditional Access\",\"MFA\",\"Microsoft 365\",\"Microsoft Azure\",\"Multi-factor\",\"Security\"],\"articleSection\":[\"Azure\",\"Cloud\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.ituziast.com\\\/index.php\\\/2023\\\/11\\\/07\\\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.ituziast.com\\\/index.php\\\/2023\\\/11\\\/07\\\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\\\/\",\"url\":\"https:\\\/\\\/www.ituziast.com\\\/index.php\\\/2023\\\/11\\\/07\\\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\\\/\",\"name\":\"Unleashing the Superheroes of Security: Automatic Conditional Access Policies - ITuziast\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.ituziast.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.ituziast.com\\\/index.php\\\/2023\\\/11\\\/07\\\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.ituziast.com\\\/index.php\\\/2023\\\/11\\\/07\\\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.ituziast.com\\\/wp-content\\\/uploads\\\/2020\\\/12\\\/cyber-security-digital-data-protection-concept_31965-4040.jpg\",\"datePublished\":\"2023-11-07T09:16:44+00:00\",\"dateModified\":\"2024-03-21T09:10:15+00:00\",\"description\":\"The magic of automation: How to set up Conditional Access Policies without lifting a finger These policies streamline identity protection, providing a\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.ituziast.com\\\/index.php\\\/2023\\\/11\\\/07\\\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.ituziast.com\\\/index.php\\\/2023\\\/11\\\/07\\\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.ituziast.com\\\/index.php\\\/2023\\\/11\\\/07\\\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.ituziast.com\\\/wp-content\\\/uploads\\\/2020\\\/12\\\/cyber-security-digital-data-protection-concept_31965-4040.jpg\",\"contentUrl\":\"https:\\\/\\\/www.ituziast.com\\\/wp-content\\\/uploads\\\/2020\\\/12\\\/cyber-security-digital-data-protection-concept_31965-4040.jpg\",\"width\":626,\"height\":300,\"caption\":\"Cyber security digital data protection\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.ituziast.com\\\/index.php\\\/2023\\\/11\\\/07\\\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.ituziast.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Unleashing the Superheroes of Security: Automatic Conditional Access Policies\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.ituziast.com\\\/#website\",\"url\":\"https:\\\/\\\/www.ituziast.com\\\/\",\"name\":\"ITuziast\",\"description\":\"Bits and Bytes of Technology\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.ituziast.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.ituziast.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.ituziast.com\\\/#organization\",\"name\":\"ITuziast\",\"url\":\"https:\\\/\\\/www.ituziast.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.ituziast.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.ituziast.com\\\/wp-content\\\/uploads\\\/2020\\\/09\\\/ituziast-logo.png\",\"contentUrl\":\"https:\\\/\\\/www.ituziast.com\\\/wp-content\\\/uploads\\\/2020\\\/09\\\/ituziast-logo.png\",\"width\":512,\"height\":512,\"caption\":\"ITuziast\"},\"image\":{\"@id\":\"https:\\\/\\\/www.ituziast.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/ITuziast\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.ituziast.com\\\/#\\\/schema\\\/person\\\/8596bb127b83987935c0355c8ed6130c\",\"name\":\"Dimitar Grozdanov\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/970f950d69334bef706f381f8022be295b3e85d8d3214f8b5cd6fcc0e7cad338?s=96&d=mm&r=gb1156e7caf65275f1df79df9ad892041\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/970f950d69334bef706f381f8022be295b3e85d8d3214f8b5cd6fcc0e7cad338?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/970f950d69334bef706f381f8022be295b3e85d8d3214f8b5cd6fcc0e7cad338?s=96&d=mm&r=g\",\"caption\":\"Dimitar Grozdanov\"},\"description\":\"Engineer. 25+ years \u201cin the field\u201d. Cloud Solution Architect. Microsoft 365 MVP. Trainer. Co-founder\\\/Supporter of Tech Communities. Speaker. Blogger. Parent. Passionate about craft beer and hanging out with family and friends.\",\"sameAs\":[\"https:\\\/\\\/mvp.microsoft.com\\\/en-us\\\/PublicProfile\\\/5002880?fullName=Dimitar%20Grozdanov\",\"https:\\\/\\\/bsky.app\\\/profile\\\/grozdanovd.bsky.social\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/dimitar-grozdanov\\\/\",\"https:\\\/\\\/x.com\\\/grozdanovd\",\"https:\\\/\\\/www.youtube.com\\\/@dimitargrozdanov\"],\"url\":\"https:\\\/\\\/www.ituziast.com\\\/index.php\\\/author\\\/grozdanovd\\\/\"}]}<\/script>\r\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Unleashing the Superheroes of Security: Automatic Conditional Access Policies - ITuziast","description":"The magic of automation: How to set up Conditional Access Policies without lifting a finger These policies streamline identity protection, providing a","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.ituziast.com\/index.php\/2023\/11\/07\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\/","og_locale":"en_US","og_type":"article","og_title":"Unleashing the Superheroes of Security: Automatic Conditional Access Policies - ITuziast","og_description":"The magic of automation: How to set up Conditional Access Policies without lifting a finger These policies streamline identity protection, providing a","og_url":"https:\/\/www.ituziast.com\/index.php\/2023\/11\/07\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\/","og_site_name":"ITuziast","article_publisher":"https:\/\/www.facebook.com\/ITuziast","article_author":"https:\/\/bsky.app\/profile\/grozdanovd.bsky.social","article_published_time":"2023-11-07T09:16:44+00:00","article_modified_time":"2024-03-21T09:10:15+00:00","og_image":[{"width":626,"height":300,"url":"https:\/\/www.ituziast.com\/wp-content\/uploads\/2020\/12\/cyber-security-digital-data-protection-concept_31965-4040.jpg","type":"image\/jpeg"}],"author":"Dimitar Grozdanov","twitter_card":"summary_large_image","twitter_creator":"@grozdanovd","twitter_misc":{"Written by":"Dimitar Grozdanov","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.ituziast.com\/index.php\/2023\/11\/07\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\/#article","isPartOf":{"@id":"https:\/\/www.ituziast.com\/index.php\/2023\/11\/07\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\/"},"author":{"name":"Dimitar Grozdanov","@id":"https:\/\/www.ituziast.com\/#\/schema\/person\/8596bb127b83987935c0355c8ed6130c"},"headline":"Unleashing the Superheroes of Security: Automatic Conditional Access Policies","datePublished":"2023-11-07T09:16:44+00:00","dateModified":"2024-03-21T09:10:15+00:00","mainEntityOfPage":{"@id":"https:\/\/www.ituziast.com\/index.php\/2023\/11\/07\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\/"},"wordCount":730,"commentCount":0,"publisher":{"@id":"https:\/\/www.ituziast.com\/#organization"},"image":{"@id":"https:\/\/www.ituziast.com\/index.php\/2023\/11\/07\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\/#primaryimage"},"thumbnailUrl":"https:\/\/www.ituziast.com\/wp-content\/uploads\/2020\/12\/cyber-security-digital-data-protection-concept_31965-4040.jpg","keywords":["Authentication","Azure","Conditional Access","MFA","Microsoft 365","Microsoft Azure","Multi-factor","Security"],"articleSection":["Azure","Cloud"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.ituziast.com\/index.php\/2023\/11\/07\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.ituziast.com\/index.php\/2023\/11\/07\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\/","url":"https:\/\/www.ituziast.com\/index.php\/2023\/11\/07\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\/","name":"Unleashing the Superheroes of Security: Automatic Conditional Access Policies - ITuziast","isPartOf":{"@id":"https:\/\/www.ituziast.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.ituziast.com\/index.php\/2023\/11\/07\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\/#primaryimage"},"image":{"@id":"https:\/\/www.ituziast.com\/index.php\/2023\/11\/07\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\/#primaryimage"},"thumbnailUrl":"https:\/\/www.ituziast.com\/wp-content\/uploads\/2020\/12\/cyber-security-digital-data-protection-concept_31965-4040.jpg","datePublished":"2023-11-07T09:16:44+00:00","dateModified":"2024-03-21T09:10:15+00:00","description":"The magic of automation: How to set up Conditional Access Policies without lifting a finger These policies streamline identity protection, providing a","breadcrumb":{"@id":"https:\/\/www.ituziast.com\/index.php\/2023\/11\/07\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.ituziast.com\/index.php\/2023\/11\/07\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.ituziast.com\/index.php\/2023\/11\/07\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\/#primaryimage","url":"https:\/\/www.ituziast.com\/wp-content\/uploads\/2020\/12\/cyber-security-digital-data-protection-concept_31965-4040.jpg","contentUrl":"https:\/\/www.ituziast.com\/wp-content\/uploads\/2020\/12\/cyber-security-digital-data-protection-concept_31965-4040.jpg","width":626,"height":300,"caption":"Cyber security digital data protection"},{"@type":"BreadcrumbList","@id":"https:\/\/www.ituziast.com\/index.php\/2023\/11\/07\/unleashing-the-superheroes-of-security-automatic-conditional-access-policies\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.ituziast.com\/"},{"@type":"ListItem","position":2,"name":"Unleashing the Superheroes of Security: Automatic Conditional Access Policies"}]},{"@type":"WebSite","@id":"https:\/\/www.ituziast.com\/#website","url":"https:\/\/www.ituziast.com\/","name":"ITuziast","description":"Bits and Bytes of Technology","publisher":{"@id":"https:\/\/www.ituziast.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.ituziast.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.ituziast.com\/#organization","name":"ITuziast","url":"https:\/\/www.ituziast.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.ituziast.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.ituziast.com\/wp-content\/uploads\/2020\/09\/ituziast-logo.png","contentUrl":"https:\/\/www.ituziast.com\/wp-content\/uploads\/2020\/09\/ituziast-logo.png","width":512,"height":512,"caption":"ITuziast"},"image":{"@id":"https:\/\/www.ituziast.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/ITuziast"]},{"@type":"Person","@id":"https:\/\/www.ituziast.com\/#\/schema\/person\/8596bb127b83987935c0355c8ed6130c","name":"Dimitar Grozdanov","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/970f950d69334bef706f381f8022be295b3e85d8d3214f8b5cd6fcc0e7cad338?s=96&d=mm&r=gb1156e7caf65275f1df79df9ad892041","url":"https:\/\/secure.gravatar.com\/avatar\/970f950d69334bef706f381f8022be295b3e85d8d3214f8b5cd6fcc0e7cad338?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/970f950d69334bef706f381f8022be295b3e85d8d3214f8b5cd6fcc0e7cad338?s=96&d=mm&r=g","caption":"Dimitar Grozdanov"},"description":"Engineer. 25+ years \u201cin the field\u201d. Cloud Solution Architect. Microsoft 365 MVP. Trainer. Co-founder\/Supporter of Tech Communities. Speaker. Blogger. Parent. Passionate about craft beer and hanging out with family and friends.","sameAs":["https:\/\/mvp.microsoft.com\/en-us\/PublicProfile\/5002880?fullName=Dimitar%20Grozdanov","https:\/\/bsky.app\/profile\/grozdanovd.bsky.social","https:\/\/www.linkedin.com\/in\/dimitar-grozdanov\/","https:\/\/x.com\/grozdanovd","https:\/\/www.youtube.com\/@dimitargrozdanov"],"url":"https:\/\/www.ituziast.com\/index.php\/author\/grozdanovd\/"}]}},"_links":{"self":[{"href":"https:\/\/www.ituziast.com\/index.php\/wp-json\/wp\/v2\/posts\/2166","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ituziast.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ituziast.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ituziast.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ituziast.com\/index.php\/wp-json\/wp\/v2\/comments?post=2166"}],"version-history":[{"count":25,"href":"https:\/\/www.ituziast.com\/index.php\/wp-json\/wp\/v2\/posts\/2166\/revisions"}],"predecessor-version":[{"id":2191,"href":"https:\/\/www.ituziast.com\/index.php\/wp-json\/wp\/v2\/posts\/2166\/revisions\/2191"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ituziast.com\/index.php\/wp-json\/wp\/v2\/media\/1082"}],"wp:attachment":[{"href":"https:\/\/www.ituziast.com\/index.php\/wp-json\/wp\/v2\/media?parent=2166"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ituziast.com\/index.php\/wp-json\/wp\/v2\/categories?post=2166"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ituziast.com\/index.php\/wp-json\/wp\/v2\/tags?post=2166"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.ituziast.com\/index.php\/wp-json\/wp\/v2\/coauthors?post=2166"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}