Access Management Part 1: Conditional Access

00:00

Welcome back, Sudbury ins to the M s 3 65 Security Administration course.

00:06

I'm your instructor, Jim Daniels.

00:08

In this video, we're still a model to identity and access,

00:12

but we're starting Lesson three access management

00:15

with part one conditional access.

00:19

In this lesson, we're gonna learn what conditional access is how it helps secure your environment,

00:26

how conditional access, policies, work

00:28

and the principles of the zero trust model.

00:32

Conditional access.

00:34

If this then that if this condition is meant, this action happens,

00:40

conditions and actions can be positive. Negative. Working the layered.

00:44

You seen the movie, Goonies?

00:47

You know what this picture is from

00:49

if you haven't seen the movie Goonies, Shame on you,

00:52

for this example. Just saw with me

00:55

Chung cast to perform the truffle shuffle

00:58

as a condition

00:59

in order to get in the Mikey's house.

01:02

So the condition is when the user

01:03

is chunk

01:06

Is the truffle shuffle true or false?

01:08

If it's true, he's performed it and he's allowed the action of going into Mikey's house

01:15

Conditional access. If this, then that

01:19

conditional access is comprised of signals

01:22

which include user geo location device, whether the device maybe is compliant. What unless it has road time risk

01:32

if it's a risk factors type of analysis in application.

01:37

This is just someone of signals that you can use as a foundation for your conditional access.

01:42

Every access is

01:45

it's in

01:46

every attended. Access is verified. Based on those signals.

01:49

You can either block access, allow access or require M F A

01:55

as a second authentication factor before you allow access.

02:00

Conditional access policies could be applied based on the vice state application, sensitivity, location and other rules.

02:07

Slon We just looked at

02:09

this. Is that same slide broken down a little bit more?

02:14

These are all signals.

02:15

User may be a member of a certain group,

02:17

maybe a geo location, maybe a certain i p

02:22

The device, maybe if it's marked as compliant, non compliant. If there is an active threat on the device at the platform, maybe it's Windows versus Mac of this.

02:32

Maybe he's IOS device. So where goes into a mobile topic? Conditional. Access

02:38

all of these different signals, either by themselves or combine and layered

02:43

make up an expansive array of conditional access policies that you can create that suits your environment, your organization and your security posture.

02:53

So as her 80 conditional Access and Federated Authentication.

02:58

No.

02:59

When, As Brady has Federated authentication,

03:02

the service handles the authentication into Azure 80. Refusing Federated authentication

03:08

damp indication doesn't happen in Azure et happens when you're

03:14

Federated Service.

03:15

So if you need to

03:16

set up conditional access policies for non m s racist, the final maps

03:22

you have to set up via a DFS

03:24

that's important. If you just want to have m s straight 65 conditional access policies

03:30

you said them right up in that straight 65

03:34

zero trust trust no one

03:37

basically what it is. Instead of giving people access

03:40

and the fun went down, no one gets access

03:44

and then slowly verified based on the access that they need.

03:50

Explosive verification of every access request if you want access is something is going to verify

03:55

least privileged access.

03:58

You only get access to do what you need to do for your job.

04:02

If your job doesn't dictate it, you will never get access to it. Least privileged. Suggest in Time jit risk based access policies that works with release privilege, access

04:15

brief mentality always acts If your organization was breached

04:18

80 to minimize the potential damage and that of us. Think semis already inside your network, you need to close off what you can close off that says you're a trust. Those are the three pillars of zero trust

04:32

zero Trust with the necessary 65

04:35

who goes are three pillars. Each column Explicit verification you can use when this alert. For business, multi factor authentication. Strengthen your past for policies. Conditional access. You extend the management for a moon prim to the cloud within tune or indium

04:53

least purples access.

04:55

Minimize Adnan assignments.

04:57

Regular audits of who has as privileged access

05:00

for clothes and then the management pin. We talked about that previously.

05:03

Just in time. Controls expiring Rolls Center rolls up to auto expire.

05:09

Briefs mentality

05:10

cloud have security. We'll talk about that in the future. Defender. 80 p 03 65. 80 p as your 80 p. That's a lot of 80 piece would talk about all of those 80 piece as well. And as we're in front projection

05:21

all of those help with the brief mentality. Pillar off zero Trust.

05:27

One tool you may want to use is as your 80 application proxy.

05:30

They was access to one premise. Weather applications from a remote client.

05:34

The proxy service runs in the cloud,

05:38

but the connector runs when one premise server

05:42

users are past the sign and token from as rady to weather.

05:46

You can replace the need for a VPN or reverse proxy

05:50

can use as a radi conditional access for on premise apso. Remember before

05:55

where we said, Hey,

05:57

if you want one for Miss Applications tohave conditional access, you have to use a D. A office.

06:01

Not so fast, my friend.

06:03

This is how you get around it.

06:05

You don't want to invest in a DFS, but you still have on premise whether applications that you want to do conditional access against this is your answer. As radi at proxy,

06:16

you can use it for on premise APS.

06:18

It's a proxy

06:20

only algo in connection from one premise suffers require, so there's no incoming connection.

06:27

Magic

06:28

quiz.

06:29

Were you paying attention when I talked about zero Trust

06:32

What is not a core tenet or core pillar of the zero trust security model?

06:39

Explosive verification?

06:41

Assume the breach mentality,

06:44

least privileged access

06:46

or backup of authentication logs.

06:48

What is not a core tenant?

06:51

If you said

06:54

anything that dear incorrect

06:56

dancers de backed up of authentication logs.

07:00

That's always a good thing to do. However, it's not a Cortina Zero Trust for zero Trust.

07:05

You want explosive verification. You want to always assume you've been breached,

07:11

and you won't least privileged access

07:14

for your users

07:15

to recap this very quick lesson.

07:17

Conditional Access takes a variety of signals,

07:21

applies criteria to those signals and then forces in action

07:26

based upon the results.

07:28

Zero Trust model has three main areas. Explosive verification,

07:33

least privileged access

07:35

and assume you've been breached

07:39

as her 80 application proxy allows remote access to one premises application

07:46

and then reduces the need for VP and reverse proxy.

07:48

Thank you for joining me on this lesson. I look to see you for the next one.