top of page

New Updates to Microsoft Azure AD and Intune

Updated: Feb 22

The latest updates to two of Microsoft’s most popular tools are enhancing security and simplifying device management.


August 11, 2021

The COVID-19 pandemic forced a reality check on organizations worldwide. As remote working became the norm, many recognized the importance—or the necessity—of migrating to the cloud to ensure employees had continued access to frequently used tools, applications, and data.


Gartner reported end-user spending on cloud adoption is expected to grow by 18.4% in 2021 and reach a total of $304.9 billion by the end of the year. The reasons for rapid cloud acceleration are many, but the biggest driver is in order to meet the demands of remote working. It’s the flexibility and accessibility of the cloud that enables users to collaborate seamlessly and ensures business continuity.



girl on laptop


As one of the top cloud providers, Microsoft has seen a dramatic increase in cloud adoption among its customers. Microsoft CEO Satya Nadella stated: “We’ve seen two years’ worth of digital transformation in two months. From remote teamwork and learning to sales and customer service, to critical cloud infrastructure and security—we are working alongside customers every day to help them adapt and stay open for business in a world of remote everything.”


As part of this effort, Microsoft has released a number of exciting new updates to Azure AD and Intune (now called Microsoft Unified Endpoint Management).


See more about Azure AD and other Microsoft technologies from our Tech Insider Update video:


Updates to Azure AD


Temporary Access Pass


For years, Microsoft has been on a journey to eliminate passwords; the temporary access pass (TAP) is the first step in this journey. The tool is a time-limited passcode where users can register passwordless authentication methods and account recovery access without inputting a password. This effectively eliminates the need to use a password should a user lose their authentication devices.



TAP features a number of authentication method policies that ensure tight security around all passes, ensuring no unauthorized users can access company data. Policies are customizable to specific business needs. For example, admins can limit TAPs to specific users, create a time limit on passes, or set a one-time use policy.


The introduction of TAPs is a huge step forward in allowing companies to create a passwordless onboarding experience and is especially beneficial for organizations that must follow rigid NIST standards for onboarding or recovery.


secure lock and key


Azure AD Authentication for Servers


Users can now use their Azure AD login credentials to access Azure Windows VM. This functionality also integrates with RBAC, Conditional Access, and PIM.


It’s important to note that this feature requires Windows Server 2019 OS. Users who are utilizing a Bastion in Azure for server connectivity can not utilize this feature as Bastions are not yet supported.

The feature is designed to improve user management and boost cloud connectivity through Azure’s directory.




Conditional Access Updates


Microsoft released a number of new features and functionalities in Azure AD’s conditional access policies to add additional security layers.


Admins can now require a password reset on grant controls. Based on company conditions, an admin can decide to reset a user’s password and the Microsoft authenticator will go through the flow prior to resetting the password.


A new feature under user actions is ‘Register or Join Devices’ to Azure AD. It’s here that admins can input conditional access policies around how users enroll in multi-factor authentication (MFA), such as requiring users to enroll in MFA through the corporate network. This feature allows for more granular control of adding and joining devices within Azure AD.


Finally, admins have the ability to create a “Named Location” policy based on the GPS coordinates of the mobile devices as opposed to the IP address. This is a major improvement as it enables organizations to better defend against cybercriminals who can easily change their location every few seconds to avoid detection. Using the new conditional access policy, admins can determine device location by actual physical GPS coordinates.


Using these new conditional access policies, organizations are able to tighten security around their devices, decreasing the chance of an external attack that could have catastrophic consequences.



team working with technology


Updates to Microsoft Unified Endpoint Management (UEM)


New Filtering Ability to Target More Granular Audiences


Microsoft has released a number of new filters that provide users with the ability to deploy policies, profiles, and applications and filter the audience of who a new policy applies to or which devices will be affected by an update. Users can choose from a number of policies, including device name or category, model, OS version, and more.


For example, if an admin wants to view which individuals in the sales department are using corporate devices as opposed to personal devices, they can utilize the ‘Device Ownership’ filter.



Streamline Your Move to the Cloud with JourneyTEAM


The latest updates to both Azure AD and Microsoft UEM provide users with a streamlined, secure cloud experience. The features mentioned above are just some of the robust cloud tools that provide organizations with the flexibility, security, and productivity needed to navigate the new normal.


To learn more about Microsoft UEM and Azure AD, contact JourneyTEAM, a Microsoft Gold Partner and award-winning consulting firm. Using our proven methodology and powerful technology, we’ve helped thousands of organizations customize Microsoft products to fit their exact needs and cloud migration journey. Contact us today to get started.


For any additional questions, please contact JourneyTEAM at (801) 565-9199.


Why JourneyTEAM

JourneyTEAM is an award-winning consulting firm with proven technology and measurable results. As a Microsoft Gold Partner, we have extensive knowledge of each of Microsoft’s products including Dynamics 365, SharePoint intranet, Office 365, Azure, CRM, GP, NAV, SL, AX, and can help you tailor the software to fit the exact needs of your organization. We have solutions for sales, marketing, productivity, collaboration, analytics, accounting, security, and more. JourneyTEAM specializes in the industries of Finance, Media & Communications, Capital Equipment, Manufacturing, Installation, and Service. Whether you’re looking for total project support or someone to help you along the way, JourneyTEAM will provide the exact level of support you need.



Comentários


Os comentários foram desativados.
bottom of page