New Features Now Available in Microsoft Azure AD and Microsoft Intune

User Review
0 (0 votes)

As the COVID-19 pandemic continues to drag on, migration to the cloud is continuing to accelerate. Research conducted by IDC predicts that by the end of 2021, 80% of enterprises will put a mechanism in place to migrate to the cloud twice as fast as before the COVID-19 pandemic.

One cloud provider that is experiencing rapid growth in response to COVID-19 is Microsoft. CEO Satya Nadella stated: “We’ve seen two years’ worth of digital transformation in two months. From remote teamwork and learning to sales and customer service, to critical cloud infrastructure and security—we are working alongside customers every day to help them adapt and stay open for business in a world of remote everything.”

With thousands of new users moving to Microsoft’s version of the cloud, the company has released new updates to both Microsoft Intune (now called Unified Endpoint Management) and Azure AD to boost security, improve productivity, and simplify device management.

Azure AD Updates

Temporary Access Pass (TAP)

Microsoft has long been trying to eliminate the need for passwords; TAP is a big step forward in achieving this goal. The tool is a time-limited password that’s created and issued by an IT administrator. This password can then be used during onboarding or resetting existing accounts. The hope is that TAP can eventually stop the usage of permanent passwords within a corporate network altogether.

In terms of account recovery, TAP simplifies the process while still keeping information secure by enabling users to reset passwords or change authentication methods without inputting a password.

Azure AD Authentication for Servers

To increase cloud connectivity and simplify user management, Microsoft users can now use their Azure AD login credentials to enter Azure Windows VM. This new functionality also supports integration with Conditional Access, RBAC, and PIM.

Users must have Windows Server 2019 OS to utilize this feature. Currently, Bastions that are used for server connectivity within Azure AD are unsupported, though this may change in the future.

New Conditional Access Policies

To help companies improve cybersecurity, Microsoft released new conditional access policies (CAP) in Azure AD. These include:

  • Password Reset: Should admins detect a potential threat or suspicious logins, they can automatically reset user passwords. Additionally, should users require a password reset, admins can require multi-factor authentication prior to resetting. 
  • Register or Join Devices: To provide admins with greater control over devices, Microsoft increased the security and requirements surrounding device onboarding. For example, admins can create CAPs that require users to set up MFA methods through the corporate network when adding or joining new devices.
  • Named Location: Previously, admins could only track corporate devices through IP addresses, which is not always accurate. With the ‘Named Location’ policy, devices are tracked using GPS coordinates which provide a more precise location. 

New Filtering Capabilities in Microsoft UEM

When admins create CAPs within Azure AD, they can then utilize Microsoft UEM filters to see how policies, restrictions, and updates will affect devices and users. Essentially, these filters provide admins with greater visibility and control when assigning CAPs. 

For example, filters can be used to deploy a new Android phone compliance policy to all employees within the company but exclude Android devices that don’t support mobile compliance policy settings. The same can be done for iOS devices.

These new updates to Microsoft solutions are a significant step forward in creating a user-friendly and secure cloud environment and facing the ambiguity of the future with confidence.

Choose JourneyTEAM

Integrating new solutions into an existing technology stack can be complicated and time-consuming. JourneyTEAM, a Microsoft Gold partner, relieves this burden by doing all the heavy lifting. We provide organizations with as much—or as little support—as needed when implementing Microsoft solutions. Contact a representative today to get started.

The post New Features Now Available in Microsoft Azure AD and Microsoft Intune appeared first on CRM Software Blog | Dynamics 365.