Conditional access policies are if-then instructions, if a user wants to access a resource, then they must complete an action first.
According to Microsoft, commonly applied policies are:
Require multifactor authentication for users with administrative roles Require multifactor authentication for Azure management tasks Block user entries attempting to use legacy authentication protocols Require trusted locations for Azure Multifactor Authentication registration Block or allow access in specific locations Block risky sign-in behaviors Require organization-managed devices for specific applications
Very important, to use this feature you must have at least one “premium” license from your Azure Active Directory.
As a demonstration, I will enforce MFA (Multifactor Authentication) for all administrative users. Continue reading “Creating rules for conditional access in Azure Active Directory to ENFORCE MFA (Multifactor Authentication) on your Administrators.”