How to avoid intrusions in your company, protecting the identity of your users and access to corporate applications and data
Do you know who is accessing your company's data right now? Can you automatically detect an intrusion risk and deny access to your data?
Lately, password theft has proliferated alarmingly through fraudulent emails that aim to induce recipients to reveal their personal information (a technique called phishing, which according to studies is used in 81% of the attacks on companies).
To get a password, hackers send their victims an email, apparently on behalf of a real person, with a text and a link asking the user to perform an action. The link actually directs them to a fake website (imitating the login page of Office 365, a bank, LinkedIn, etc.). Once the user enters their credentials on those fraudulent web pages, the credentials are compromised, immediately causing a severe security breach in the company.
Other situations also compromise passwords. Consider the growth in the use of cloud applications, together with the fact that many users reuse the same password to access them (to avoid having to remember different passwords). The security threat for companies is enormous: a cybercriminal only needs to obtain one user password, for an application that may not even be corporate!
The solution to this headache for the IT department is again in the cloud and it is called Azure Active Directory. Through a single, protected identity (single sign-on), it provides secure access, validated in two steps, to all the applications that the company's users rely on, whether in-house (on-premises) or in the cloud (Office 365, SalesForce, DropBox, Twitter and thousands of others), while also greatly simplifying IT management.
Benefits of Azure Active Directory
For the users:
- Protection against phishing attempts, thanks to features that verify that the user is who they claim to be by adding a second verification at the time of identification (two-step authentication), and to intelligent analysis systems that detect fraudulent use based on highly suspicious behavior.
- Where the user previously managed multiple passwords (or ran the risk of setting the same one everywhere), with AAD the user no longer has one password per application and instead has a single identity to access, in a unified way, all the applications approved by the company. Therefore, once logged in (on their computer or in an Office 365 app), the user no longer needs to enter credentials in the applications that are configured.
- Autonomy for the change and re-establishment of passwords, without IT dependencies.
- Greater control over access to data and applications from the outside.
- Peace of mind that the identity of users is well protected against attempts to impersonate and its consequences.
- Simplification of the management of passwords, users, groups and access to Cloud applications.
Overview of the main features of Azure Active Directory Premium
Editions of Azure Active Directory
Azure Active Directory (AAD) is offered in several editions: Free, Basic, and those that incorporate security features that help us protect the identity of users and their access to our applications and data: Premium P1 and Premium P2.
Free Edition: Included in Office 365. Its main capabilities:
- Synchronize local active directories with the cloud directory (Azure Active Directory)
- Possibility of using the same identity (username and password), to access other applications in the cloud. Limited to 10 applications.
- Self-service password change only for users created in the cloud (not synchronized).
- Synchronization of passwords of the local active directory with Azure Active Directory.
- Manage users and groups created only in the cloud.
- Possibility of having guest users using their own identity (from other companies that also use AAD). This feature, called B2B collaboration, allows up to 5 guests per license, the guest receiving the characteristics of the license.
Basic Edition: Benefits of the free edition and in addition:
- Self-service password reset for users created in the cloud.
- Possibility of using the same identity (username and password) to access other applications that we have in-house (on-premises), typically web applications or applications hosted behind a remote desktop, through the "AAD Application Proxy" feature. Limited to 10 applications.
- Personalization of the login page to applications in the cloud with the company's brand. Very useful to avoid theft of credentials.
- Enterprise-grade service level agreement (SLA) of 99.9%.
Premium Edition P1: Benefits of the basic edition and in addition:
- Self-service reset and password change from outside the company for synchronized users.
- Authentication in two steps, to ensure the identity of the user (via SMS, call or mobile app), including the possibility of setting up trusted locations (branches, offices, ...) to reduce the impact on users.
- Possibility of using the same identity (username and password), to access without limit other applications that we have in-house.
- Detection of cloud applications not managed by IT that are used by the company's users ("Cloud App Discovery"), so that administrators can configure (force) access to them using a single identity (single sign-on), thus controlling Shadow IT.
- MIM server license, for self-service password reset and unlock from within the company for synchronized users.
- Synchronization monitoring agent between the local AD and Azure Active Directory: Users, passwords and domain controllers.
- Conditional access to limit access to applications from outside the company (based on group membership, geographical location and device status).
- Make changes to Groups from Office 365 that will be synchronized with the local active directory.
- Advanced security reporting:
  - Report with all the logins.
  - Report of "logins at risk" grouped by "risk events" such as "Users with lost credentials" or "Logins from anonymous IP addresses". 30-day retention.
Premium Edition P2: Features of the Premium P1 edition and in addition:
- "Identity Protection": Conditional access based on configurable risks. To do this, unusual behaviors are analyzed (for example, the user has logged in from very distant locations in an impossible time, or tries to access from a computer not managed by the organization).
- Privileged Identity Management: Administration and protection of administrator accounts, making it possible to assign the administrator role to a user temporarily, alerting on the change and supervising their access to resources, among other functions.
- Very advanced security reporting:
  - The "risk events" are categorized by severity and type of detection. In addition, more "risk events" are introduced.
  - The retention of the report of "logins at risk" is increased to 90 days.
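The "Identity Protection" behavior described above (logins from very distant locations in an impossible time, access from a computer not managed by the organization) can be illustrated with a small risk evaluation over sign-in records. This is an added example, not Microsoft's detection algorithm and not code from the original article; the `SignIn` record, the speed and distance thresholds and the allow/require_mfa/block policy are assumptions, and the sign-ins are constructed sample data.

```python
from dataclasses import dataclass
from datetime import datetime
from math import asin, cos, radians, sin, sqrt

MAX_SPEED_KMH = 900.0    # assumed threshold: roughly airliner cruise speed
MIN_DISTANCE_KM = 500.0  # assumed threshold: ignore short hops and geo-IP error

@dataclass(frozen=True)
class SignIn:
    user: str
    when: datetime
    lat: float
    lon: float
    managed_device: bool

def haversine_km(a, b):
    """Great-circle distance between two sign-in locations, in km."""
    lat1, lon1, lat2, lon2 = map(radians, (a.lat, a.lon, b.lat, b.lon))
    h = sin((lat2 - lat1) / 2) ** 2 + cos(lat1) * cos(lat2) * sin((lon2 - lon1) / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(h))

def risk_events(signins):
    """Return (user, when, reason) tuples for sign-ins that look risky."""
    events, last = [], {}
    for s in sorted(signins, key=lambda s: (s.user, s.when)):
        if not s.managed_device:
            events.append((s.user, s.when, "unmanaged device"))
        prev = last.get(s.user)
        if prev is not None:
            dist = haversine_km(prev, s)
            hours = (s.when - prev.when).total_seconds() / 3600
            if dist >= MIN_DISTANCE_KM and (hours <= 0 or dist / hours > MAX_SPEED_KMH):
                events.append((s.user, s.when, "impossible travel"))
        last[s.user] = s
    return events

def decide(signin, events):
    # Hypothetical risk-based policy: block on high risk, step up on lower risk.
    reasons = {r for u, w, r in events if (u, w) == (signin.user, signin.when)}
    if "impossible travel" in reasons:
        return "block"
    return "require_mfa" if reasons else "allow"

# Constructed sample sign-ins (not real data).
SAMPLE = [
    SignIn("ana", datetime(2024, 1, 8, 9, 0), 40.4168, -3.7038, True),     # Madrid
    SignIn("ana", datetime(2024, 1, 8, 10, 0), 35.6762, 139.6503, True),   # Tokyo, 1 h later
    SignIn("luis", datetime(2024, 1, 8, 9, 0), 41.3874, 2.1686, True),     # Barcelona
    SignIn("luis", datetime(2024, 1, 8, 13, 0), 40.4168, -3.7038, False),  # Madrid, personal PC
]
```

Calling `risk_events(SAMPLE)` and then `decide(s, events)` for each sign-in blocks the Madrid-to-Tokyo login and asks for a second factor on the unmanaged computer, while the plausible Barcelona-to-Madrid trip on its own raises no travel event.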
If you want to know the identity management services in detail, consult this infographic. If you want to go into detail about the features and functionalities, we recommend this link, and if you wonder how Microsoft protects your active directory in the cloud, you can see it here.
In short, Azure Active Directory is the key to helping protect the identity of users, closing the main gateway for cybercriminals and also facilitating secure access to all applications (whether in-house or in the cloud), while reducing the management burden on IT departments.
Do you want to know more about how to improve security by protecting access to your data and applications?