Baseline Boosters
Conditional Access Policies
In a nutshell
Microsoft Entra ID Conditional Access policies provide a powerful set of tools for securing access to your organisation's critical resources. By using these policies, you can control who can access your resources, from where, and on which devices. This helps to ensure that only those authorised are accessing your data, keeping out unauthorised users and devices.
Conditional Access policies can help you meet compliance requirements and regulatory standards, such as GDPR and PCI-DSS.
Bitesized benefits:
Zero Trust Security
You can use Conditional Access policies to enforce a zero-trust security model by requiring users to be authenticated and authorised before accessing resources. This approach helps prevent unauthorised access to sensitive data, even from within the organisation's network.
Risk-Based Access Controls
Conditional Access policies can be configured to evaluate risk factors such as user location, device health and suspicious activity, and enforce access controls based on the level of risk. This ensures that access to sensitive data is granted only to authorised users on trusted devices.
Context-Aware Access Controls
You can configure Conditional Access policies to apply access controls based on contextual factors such as the user's location, device type, and network, helping to prevent unauthorised access to sensitive data from untrusted devices or locations.
Adaptive Access Controls
Conditional Access policies can be configured to dynamically adjust access controls based on changes in user behaviour, device health, or other risk factors. This approach helps ensure that access to sensitive data is granted only to authorised users on trusted devices, even as the risk landscape evolves.
Integration with Azure Information Protection
Conditional Access policies can be integrated with Azure Information Protection to enforce data protection policies based on the sensitivity of the data being accessed. This helps ensure that sensitive data is protected – regardless of where it is accessed from, or by whom.
Tell me more
What's included:
Azured will work with you to scope the project, helping you to determine the most appropriate Conditional Access policies to be enforced, and for which user groups. We will then configure and deploy the Conditional Access policies, and provide you with training documentation and a handover, so you are fully enabled to manage the service going forward.
1. Discovery
Determine policies to be enforced and user groups.
2. Scope
1-hour workshop to run through implementation and how it will affect users.
3. Configure
Configuration of the policies and known/ trusted locations and devices.
4. Deploy
Full deployment of the policies, including testing.
5. Document
Documentation that includes how to monitor the service, and enable/disable policies.
6. Handover
30-minute workshop to ensure you have everything you need.
Minimum licence requirements
A Microsoft Entra ID P1 is required as a minimum, but this will not give you risk-based policy features – for which a Microsoft Entra ID P2 is required.
Estimated costs
A one-off cost implementation cost of £3,000.
Getting started...
To get started with Conditional Access, book a discovery call with Elliot