This post has been republished via RSS; it originally appeared at: Azure Active Directory Identity Blog articles.
Azure Active Directory (Azure AD) can help you better safeguard and manage identities, but to maximize its benefits, it’s important to deploy it in the most secure way possible. The Microsoft 365 blog recently hosted a Top 10 security deployment actions with Microsoft 365 series, and the first four blogs focus on our top recommendations for securing your identities with Azure AD.
In the first blog, we recommend how to connect your on-premises resources to your Azure AD. Read it to understand why we recommend you use password hash synchronization as either your primary or backup authentication method.
Once you’ve set up a single, common identity for each user across your on-premises and cloud environment, it’s important to safeguard access. The second post in the series talks through how to set up single sign-on, multi-factor authentication and passwordless authentication to help you verify identity at every sign-in.
The third blog in the series, recommends configuring Azure AD Identity Protection to receive reports that identify users who have likely been compromised. You can also use Azure AD Identity Protection to set automated responses. This post also provides advice on how to use Azure AD Privileged Identity Management to protect your administrator accounts.
Azure AD Conditional Access lets you apply security policies that are triggered automatically when certain conditions are met, and our fourth blog provides details on the types conditions that influences risk score. You will also learn about the policies that you can automatically enforce.
We hope you found these tips helpful. For more advice on deploying Azure AD and other Microsoft 365 products, visit the series. As always, we’d love to hear your feedback or suggestions– please leave them in the comments below or reach out to us on Twitter (@azuread)
The Azure AD Team