Microsoft Entra Conditional Access: Block Authentication Flows
Cloud Coffee
by Oliver Müller
2w ago
The Microsoft Entra Conditional Access for authentication flows regulates the use of the device code flow and authentication transfer. The device code flow is used to authenticate devices that do not have a browser or whose input is restricted, such as smart TVs, IoT devices, or printers. The device code flow represents a high-risk authentication flow, which could be exploited in phishing attacks or to gain access to corporate resources on unmanaged devices. The authentication transfer is a new flow that provides a seamless way to transfer the authenticated state from one device to another. In ..read more
Visit website
Temporary Access Pass in Microsoft Entra: what it is and how to use it
Cloud Coffee
by Oliver Müller
1M ago
A Temporary Access Pass (TAP) is a time-limited passcode that can be configured for single or multiple use. The Temporary Access Pass (TAP) allows the user to securely sign in to the Microsoft Cloud within a defined time period to set up additional authentication methods. These secure authentication methods include passwordless methods such as FIDO2 security keys or the Microsoft Authenticator App. The limited time period for access authorisations makes the Temporary Access Pass (TAP) an indispensable tool for security guidelines and compliance requirements. This blog post explains how to acti ..read more
Visit website
Microsoft Entra Privileged Identity Management (PIM) and FIDO2: Increasing the security of privileged roles
Cloud Coffee
by Oliver Müller
2M ago
Privileged roles and permissions in Microsoft Entra ID allow you to manage all aspects of Microsoft Azure and Microsoft 365. To make phishing and other attacks more difficult, a secure password for privileged Microsoft Entra roles is no longer enough. Phishing-resistant multi-factor-authentication, such as FIDO2 protocol on a security key in combination with Microsoft Entra Privileged Identity Management (PIM), significantly increases security for the Microsoft Tenant and convenience for the user. This blog post demonstrates how to configure Microsoft Entra Privileged Identity Management (PIM ..read more
Visit website
Microsoft Entra Internet Access: Protect users with powerful web content filtering
Cloud Coffee
by Oliver Müller
3M ago
Microsoft Entra Internet Access is a cloud-delivered solution that secures access to web content. It protects users, devices, and data from internet threats. This solution is part of Microsoft’s Security Service Edge (SSE), which also includes Microsoft Entra Private Access. This solution is based on the core principles of Zero Trust Network Access (ZTNA), which aims to apply the principle of minimal rights, explicit verification and assumption of an attack. Microsoft Entra Internet Access implements adaptive access controls, simplifies network security, and enables a consistent user experienc ..read more
Visit website
Secure Emergency Access: Create and Manage Microsoft Entra Emergency Accounts with YubiKey (FIDO2)
Cloud Coffee
by Oliver Müller
4M ago
A Microsoft Entra Emergency Account (Break Glass Account) is a highly privileged account for emergency access to Azure resources in critical situations when traditional access paths are not available. For example, this may be a service outage, so that multi-factor authentication cannot be performed via a mobile phone. The use of emergency accounts is strictly controlled, monitored and restricted. In this post, you will learn how you can use Microsoft Entra emergency accounts and YubiKey (FIDO2) to secure access to Azure at all times and minimise risks at the same time. Prerequisites and Licens ..read more
Visit website
Microsoft Entra Private Access: secure access to internal resources and cloud services without VPN
Cloud Coffee
by Oliver Müller
5M ago
Microsoft Entra Private Access gives users secure access to the internal network and cloud-based services from anywhere in the world. Setting up and maintaining (complex) VPN connections is now a thing of the past. Microsoft Entra Private Access is part of Microsoft Global Secure Access, which includes a range of identity and network access security products. The service is based on the SASE framework (Secure Access Service Edge), which combines WAN functions and zero-trust network access (ZTNA) in a cloud-based platform. This blog post highlights the configuration steps for Microsoft Entra Pr ..read more
Visit website
The Guardian of Azure Services: Azure Service Health
Cloud Coffee
by Oliver Müller
6M ago
An essential aspect of using cloud services is ensuring availability and performance. Outages or performance problems have a significant impact on today’s business processes and lost revenue, image damage and angry customers. Azure Service Health is a free service from Microsoft Azure. The service provides real-time information in a dashboard about the status and performance of Azure services. The service continuously monitors resources and proactively informs about service problems. Azure Service Health provides information in the following categories: Service issues Notifications about unex ..read more
Visit website
SMB over QUIC and Azure Server: empowering secure and lightning fast file sharing
Cloud Coffee
by Oliver Müller
7M ago
SMB over QUIC is a network protocol used by Windows. It allows secure, shared use of resources such as files on the network. To use SMB (Server Message Block) without QUIC, TCP port 445 is required. Some Internet providers block TCP port 445 for security reasons. Therefore, it is not possible to connect to a file share on Azure by SMB successfully. To bypass the blocking of TCP port 445, there are several options to choose from, including the following: VPN (Virtual Private Network), e.g. AlwaysOnVPN Third party software, e.g. MyWorkDrive SMB over QUIC (Quick UDP Internet Connection) Some wa ..read more
Visit website
Azure Arc and Windows Server: The perfect pair for the hybrid cloud
Cloud Coffee
by Oliver Müller
9M ago
Microsoft Azure Arc is a solution that enables resources to be centrally managed and monitored across multiple environments. Azure Arc extends the management capabilities of Azure to on-premises resources or other cloud providers such as Amazon Web Services (AWS) or Google Cloud Platform (GCP). Resources integrated into Azure Arc are administered via the unified Azure Portal. Regardless of where they are physically or geographically located. Overall, Azure Arc provides consistent, centralized and simplified management of resources. This guide describes how to deploy a Windows Server hosted out ..read more
Visit website
Show First Contact Safety Tip in Email
Cloud Coffee
by Oliver Müller
10M ago
First Contact Safety Tip is a feature in Microsoft Office 365 to better protect users from phishing attacks. First Contact Safety Tip is part of Microsoft Defender for Office 365 or Exchange Online Protection and helps users detect fake or fraudulent mails. If a suspicious email is received, the email will have a warning in the header informing the user that it may be phishing email. The warning is shown in one of the following cases: – the sender sends an email to the mailbox for the first time – the sender very rarely sends an email to this mailbox Prerequisites and Licensing The Exchange On ..read more
Visit website

Follow Cloud Coffee on FeedSpot

Continue with Google
Continue with Apple
OR