Do you remember the last time you accessed something on the internet by answering a CAPTCHA Test? It’s an annoying but necessary measure to keep malicious bots from accessing a website.
CAPTCHA Tests are a very basic form of if-then conditional access, where if you want to access a resource, you have to complete a test. In a more complicated security setting, you may be required to complete multi-factor authentication or use a compliant device to access a specific resource within an organization.
Conditional access policies in Azure AD help you use similar if-then arguments to secure resources belonging to your M365 tenant. They enable you to set up specific requirements that a user must meet in order to access a company resource.
Recently, Microsoft announced that it has made a set of pre-built templates available for users to quickly set up conditional access policies in Azure AD. Here, we’ll take a look at what these templates are and how they can help you enforce better security within your organization.
This article covers:
In Microsoft 365, Conditional Access Policies are a series of if-then statements that control access to specific resources and applications using user and device identity signals.
This can have a variety of applications for organizations, such as blocking risky sign-in behaviors, granting access only to specific locations, and requiring multi-factor authentication for administrative accounts.
Signals can be used to identify risky behaviors and determine the decision of a conditional access policy. Here’s a list of common signals that can be used by Azure AD to decide whether or not to grant access to a specific request:
The signal will trigger the conditional access policy, either blocking the request outright or requiring the user to meet one of the following conditions to be granted access:
It’s also possible to combine multiple conditional access policies to trigger at the same time and grant access only when every single condition is met.
Recently, Microsoft has announced 14 new templates that organizations can use to make the process of setting up a conditional access policy much easier. These templates can be found under Azure portal > Azure Active Directory > Security > Conditional Access > Create new policy from template.
Here’s a complete list of the new templates that have been made available:
Identities:
Devices:
CoreView Configuration Manager for Microsoft 365 makes it easier to set up and manage multiple tenants in Microsoft 365. It provides a reliable way to implement conditional access policy templates and roll them out to all your tenants at the same time without fuss.
With CoreView, MSPs and enterprises can roll out conditional access policies across all their tenants as well as roll back new policies should they prove problematic. Everything can be accessed simply by visiting the Reconcile tab in the CoreView dashboard.
CoreView Configuration Manager for Microsoft 365 helps you create and adhere to baseline configurations with automated drift detection and implement configuration changes at scale across all your tenants. Interested? Sign up for a free demo to see how it all works!
