Arquivos #azuresecuritycenter - eduardokieling.com

Creating rules for conditional access in Azure Active Directory to ENFORCE MFA (Multifactor Authentication) on your Administrators.

conditional-access-signal-decision-enforcement Hello!!!

Conditional access policies are if-then instructions, if a user wants to access a resource, then they must complete an action first.

According to Microsoft, commonly applied policies are:

Require multifactor authentication for users with administrative roles Require multifactor authentication for Azure management tasks Block user entries attempting to use legacy authentication protocols Require trusted locations for Azure Multifactor Authentication registration Block or allow access in specific locations Block risky sign-in behaviors Require organization-managed devices for specific applications

Very important, to use this feature you must have at least one “premium” license from your Azure Active Directory.

As a demonstration, I will enforce MFA (Multifactor Authentication) for all administrative users. Continue reading “Creating rules for conditional access in Azure Active Directory to ENFORCE MFA (Multifactor Authentication) on your Administrators.”

Eduardo Kieling

🏆 Microsoft Azure MVP

Cloud Computing specialist focused on delivering intelligent SAP and non-SAP system migrations, optimizing cloud infrastructure, and automating deployments for scalability and efficiency. He holds a Master’s degree in Applied Computing and certifications from top global IT providers.

As a Microsoft Azure MVP, Eduardo collaborates closely with Microsoft’s product teams and shares his expertise with the global tech community through speaking engagements, articles, and mentoring. He is the founder of Azure RS, one of Brazil’s leading cloud computing communities.

Certifications

"The true sign of intelligence is not knowledge but imagination."

– Albert Einstein

[Launched] Generally Available: Granular Role-Based Access Control (RBAC) for Azure File Sync July 10, 2025
Azure File Sync now offers two dedicated, built-in RBAC roles, designed to enhance security and operational efficiency for businesses managing file synchronization across on-premises and cloud environments. These new roles, Azure File Sync Administrator a
[In preview] Public Preview: Trusted launch default for new Gen2 VMs & Scale sets July 10, 2025
Announcing public preview for key security enhancement in Azure: Trusted Launch as default (TLaD) for new deployments of Gen2 Virtual Machines (VMs), Virtual Machine Scale Sets (Scale set) and Azure Compute Gallery (ACG) resources. This will help enhance
[Launched] Generally Available: Enable Trusted launch on existing Virtual machine Uniform scale set July 10, 2025
Announcing general availability of support to enable Trusted launch on existing Virtual machine Uniform scale sets by upgrading the scale set resource to Gen2-Trusted launch. This will help improve the foundational security of existing Azure Virtual machi
[In development] Private Preview: Enable Trusted launch on existing Virtual machine Flex scale set July 10, 2025
Announcing preview support to enable Trusted launch on existing Virtual machine Flex scale set by upgrading the scale set resource to Gen2-Trusted launch. This will help improve the foundational security of existing Azure Virtual machine Flex scale set re
[Launched] Generally Available: Azure Automation supports PowerShell 7.4 & Python 3.10 runbooks and Runtime environment July 10, 2025
Azure Automation is pleased to announce a series of releases: General Availability of in-support PowerShell 7.4 and Python 3.10 runbooks Runtime Environment GA, enabling customers to seamlessly upgrade their outdated scripts to supported