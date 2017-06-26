Home Applications Microsoft: Cloud Identity Overview – Part 2 (Authorisation)


Authentication is the process to validate that an individual is who they say they are. Authorisation extends this to determine what are they allowed to access given what we know about the user at that point. As we move into an era of working anywhere, on any device at any time, authorisation becomes very important to safeguard corporate assets as we need to factor in where, on what and when the user is trying to access data.

Microsoft has extensive capability in this space so here are the options I see customers using with Microsoft Cloud Services.

  1. Multi Factor Authentication (MFA) – While technically this should be in the authentication discussion I have placed it here as MFA is commonly enforced as a result of an authorisation evaluation. Azure MFA enables you to enforce strong authentication (phone, pin, application) in a variety of scenarios. You could, if you wanted to enable it for all users all of the time (strongly advised for administrator accounts) or you could just enforce when needed (step up authentication). i.e. you detect a user is outside of the network, on a non-managed device and many other scenarios.

Read the entire article here, Cloud Identity Overview – Part 2 (Authorisation) – OnCloud

via the fine folks at Microsoft




