Azure AD and Office 365
déjà vu all over again
Mark Diodati
Research VP/IAM Agenda Manager
mark.diodati@gartner.com
@mark_diodati
Sean Deuby
Solutions Architect
Sean.deuby@edgile.com
@shorinsean
62% of Gartner clients have or will migrate to Office 365
80% of the Global 500
65% of the Fortune 1000
A Tail Wagging a Very Large Dog
Office 365 is driving Azure AD adoption
• As Exchange drove Active Directory adoption
• If you want the app, you must have the platform
• 3rd party IDaaS from Okta, Centrify, Ping Identity and others work with Azure AD
Azure AD is more than an authentication service for Office 365
• Identity platform for all Microsoft Online Services
• Full blown IDaaS (SaaS SSO, on-premises app publishing, MFA, on-prem integration)
It’s a Big Dog
• 10 million Azure AD tenants
• Mostly < 500 accounts, cloud only
• More than half a billion users
• 1.3 billion logins per day
• Detects and mitigates 10 million attacks per day
• 4 billion in the last 12 months
• 100K organizations syncing on-premises Active Directory with Azure AD
Magic Quadrant for Identity and Access Management
http://gtnr.it/1UeQJ4a
Trend: customer expectations for IAM capabilities in multi-platform offerings (identity, IaaS, EMM, virtualization)
• Azure AD wins on identity
• AWS wins on IaaS
Agenda: Azure B2B | Hybrid Identity | MFA
Questions
“How do we connect our enterprise users to Office 365 and other Azure AD-protected applications?”
Connecting users requires
• Admin-time actions: users must be provisioned/managed into Azure AD’s identity store
• Runtime actions: users must authenticate to Azure AD before accessing resources (SAML or password)
[Flowchart: Begin User Management Selection]
Decision nodes: Strategic IGA product deployed? / IGA product supports Azure AD? / Is password sync or management important? / IAM for SaaS apps exclusively via Azure AD? / Is single-vendor solution important?
Outcomes: Use IGA product / Use IGA and AD Connect / Use AD Connect / Use 3rd party directory sync / Use 3rd party directory sync and AD Connect / Reevaluate directory sync requirements
User Management (summary of options)
• Use 3rd party directory sync
• Use IGA and AD Connect
• Use AD Connect
• Use IGA product
• Use 3rd party directory sync and AD Connect
User Management Options
[Diagram: Directory Sync] AD -> identity bridge -> Azure AD; change detection on the AD side, CRUD on the Azure AD side
AD Connect Password Management*
[Diagram] AD <- Azure AD Connect <- Azure AD; an encrypted change attempt flows from Azure AD back to AD
* Other IDaaS vendors can do this, too.
AD Connect Password Hash Sync*
[Diagram] AD -> Azure AD Connect -> Azure AD; the on-prem password hash (e.g. 8743b52063cd84097a65d1633f5c74f5) is hashed again before it is synced ("hash of hash")
* Unique to Azure AD and AD Connect.
Mark’s Recommendations
[Flowchart: user management]
Decision nodes: Strategic IGA product deployed? / IGA product doesn’t support Azure AD, password sync or Azure AD DS? / Is password sync or Azure AD DS important? / No on-prem IAM to SaaS apps? / On-premises provisioning to SaaS apps?
Outcomes: Use IGA product / Use IGA and AD Connect / Use AD Connect / Use 3rd party directory sync / Use 3rd party sync and AD Connect
Begin User Management
Selection
Use IGA Product
Strategic IGA Product
Deployed?
IGA Product Supports
AzureAD?
Is Password Syncor
Mgmt Important?
Yes
No
IAMfor SaaS Apps
Exclusively via Azure
AD?
No
Use AD Connect
Yes
No
Reevaluate Directory Sync
Requirements
Yes
Is Single-Vendor
Solution Important?
Use 3rd
Party Directory Sync
Use 3rd
Party Directory Sync
and AD Connect
Yes
No
No
Yes
User Authentication
[Flowchart: Begin Authentication Selection]
Decision nodes: Federation to Azure AD only? / Many on-premises connections to SaaS apps? / Federated SP required? / SP for Windows and SAML apps only? / SSO requirement? / Low assurance requirement?
Outcomes: Use 3rd party federation / Use AD FS / Use AD Connect
Mark’s Recommendations
[Flowchart: authentication]
Decision nodes: Small IT staff? / Low assurance requirement? / No SSO requirements? / Federation to Azure AD only? / SP for Windows and SAML apps only? / SP for heterogeneous apps? / Many on-premises connections to SaaS apps?
Outcomes: Use AD Connect (password sync) / Use AD FS (SAML) / Use 3rd party federation (SAML)
Azure MFA
• Second factor authentication for all Azure AD-integrated resources
• Originally acquired from PhoneFactor
• Focuses on phone
  • Smart (voice, SMS, app)
  • Feature (voice, SMS)
  • Landline (voice)
• Soft token in the app
Azure MFA vs. MFA Server
• Azure MFA service
  • Protects Azure AD-integrated resources
• MFA Server
  • Hybrid solution
  • On-premises server(s)
  • Protects on-premises services
    • VPN, Remote Desktop, IIS apps
  • Can protect Azure AD resources (with AD FS)
Which Type Of MFA Do I Need?
It’s (mostly) about where the IdP is
• Microsoft cloud (Azure AD): Azure MFA
• On premises (AD FS): MFA Server or 3rd party

Resource protected                                           | Azure MFA | MFA Server
Azure AD IdP                                                 |           |
  Azure AD native AuthN                                      | X         |
  Office 365                                                 | X         | X (if AD FS)
  Azure AD-integrated SaaS apps (per app basis)              | X         |
  On-premises apps published to Azure AD via Azure App Proxy | X         |
On-premises (e.g. AD DS) IdP                                 |           |
  Azure AD AuthN (via AD FS)                                 |           | X
  VPN access to corpnet                                      |           | X
  Remote Desktop to corpnet                                  |           | X
  IIS applications                                           |           | X
  SP-initiated SaaS login via AD FS                          |           | X
Directions & Recommendations
• Where is this hybrid product going?
  • Overall solution will incrementally gain capabilities
  • Azure MFA is the strategic service
  • MFA Server is stable but not being enhanced
    • Capabilities are being picked up by other services
    • AD FS 2016 built-in Azure MFA adapter
  • Prediction: connector tech (like AAD App Proxy) to replace other capabilities
• Recommendations
  • Azure MFA very smartphone focused
  • Bundling with other services makes pricing attractive
  • Only option for fine-grained MFA in Microsoft Online Services
Shortcomings of Traditional B2B Models
Federation partnerships
• Infrastructure requirements
• Scaling issues
• Limited partner visibility
Internal partner directories
• Lifecycle management issues
• Attack vector
Microsoft’s B2B Model
• 10 million organizations in Azure AD today…
• …Why not use Azure AD for the B2B infrastructure?
• B2BaaS
• If you aren’t in Azure AD…we’ll add you automagically
• Partner org identities made available to you
• You control access
• They control their identities
Azure B2B Access Model
Invite
• Creates CSV file of invited partner employees
• Uploads to Azure; invites are sent
Accept
• Invitee accepts invitation
• If in Azure AD: sign in
• Not in Azure AD: sign up / viral tenant created
Access
• Invitee created as external user in inviter’s directory
• Access granted to user
Strengths
• B2B infrastructure is handled for you
• Scalable to many partners
• You control access without managing their identities
• Supports
• SaaS apps
• Azure services
• Other claims-aware apps
• Essentially free to Azure AD-using organizations
Current Flat Spots
• External user is copied from partner directory, not linked
• Outside of identity lifecycle management
• User authenticates against their home directory
• Can delete
• No attestation yet
• CSV file
• PowerShell, invite API not yet supported
• Does not support social email providers yet (e.g. gmail)
Stuff We Didn’t Get To
• Azure AD Domain Services
• Graph API for provisioning
• Adaptive/Conditional Access
• OpenID Connect
• SSO to On-Premises Applications (App Proxy)
Mark Diodati
mark.diodati@gartner.com
@mark_diodati
Sean Deuby
Sean.Deuby@edgile.com
@shorinsean
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusZilliz
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 

Dernier (20)

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 

Azure AD and Office 365 - Deja Vu All Over Again

  • 2. Azure AD and Office 365 déjà vu all over again Mark Diodati Research VP/IAM Agenda Manager mark.diodati@gartner.com @mark_diodati Sean Deuby Solutions Architect Sean.deuby@edgile.com @shorinsean
  • 3. 62% of Gartner clients Have or will migrate to Office 365 80% of the Global 500 65% of the Fortune 1000
  • 4. A Tail Wagging a Very Large Dog Office 365 is driving Azure AD adoption • As Exchange drove Active Directory adoption • If you want the app, you must have the platform • 3rd party IDaaS from Okta, Centrify, Ping Identity and others work with Azure AD Azure AD is more than an authentication service for Office 365 • Identity platform for all Microsoft Online Services • Full blown IDaaS (SaaS SSO, on-premises app publishing, MFA, on-prem integration)
  • 5. It’s a Big Dog • 10 million Azure AD tenants • Mostly < 500 accounts, cloud only • More than half a billion users • 1.3 billion logins per day • Detects and mitigates 10 million attacks per day • 4 billion in the last 12 months • 100K organizations synching on-premises Active Directory with Azure AD
  • 6. Magic Quadrant for Identity and Access Management http://gtnr.it/1UeQJ4a
  • 7. Trend: customer expectations for IAM capabilities in multi-platform offerings (IaaS, EMM, virtualization). Azure AD wins on identity; AWS wins on IaaS.
  • 10. Questions “How do we connect our enterprise users to Office 365 and other Azure AD-protected applications?” Connecting users requires • Admin-time actions: Users must be provisioned/managed into Azure AD’s identity store • Runtime actions: Users must authenticate to Azure AD before accessing resources (SAML or password)
  • 11. User Management selection flowchart (Begin User Management Selection). Decision nodes: Strategic IGA Product Deployed?; IGA Product Supports Azure AD?; Is Password Sync or Mgmt Important?; IAM for SaaS Apps Exclusively via Azure AD?; Is Single-Vendor Solution Important? Outcomes: Use IGA Product; Use IGA and AD Connect; Use AD Connect; Use 3rd Party Directory Sync; Use 3rd Party Directory Sync and AD Connect; Reevaluate Directory Sync Requirements.
  • 12. User Management Options: Use 3rd Party Directory Sync; Use IGA and AD Connect; Use AD Connect; Use IGA Product; Use 3rd Party Directory Sync and AD Connect
  • 14. AD Connect Password Management* (Azure AD, AD, Azure AD Connect; encrypted change attempt) * Other IDaaS vendors can do this, too.
  • 15. AD Connect Password Hash Sync* (Azure AD Connect, Azure AD, AD; hash 8743b52063cd84097a65d1633f5c74f5 is hashed again before sync) * Unique to Azure AD and AD Connect.
  • 17. Use AD Connect: No On-Prem IAM to SaaS Apps? Is Password Sync or Azure AD DS Important?
  • 18. IGA Product Doesn't Support Azure AD | Pw Sync / AAD DS? Strategic IGA Product Deployed? Use IGA Product; Use IGA and AD Connect (Yes)
  • 19. Password Sync / AAD DS Important? On-Premises Provisioning to SaaS Apps? Use 3rd Party Directory Sync; Use 3rd Party Sync and AD Connect (yes)
  • 20. User Management flowchart (as on slide 11) and User Authentication selection flowchart (Begin Authentication Selection). Decision nodes: Federation to Azure AD Only?; Many On-Premises Connections to SaaS Apps?; Federated SP Required?; SP for Windows and SAML Apps Only?; SSO Requirement?; Low Assurance Requirement? Outcomes: Use AD Connect; Use AD FS; Use 3rd Party Federation.
  • 22. Use AD Connect (Password Sync) Use 3rd Party Federation (SAML) Use AD FS (SAML)
  • 23. Use AD Connect (Password Sync): Small IT Staff? Low Assurance Requirement? No SSO Requirements?
  • 24. Use AD FS: Federation to Azure AD Only? SP for Windows and SAML Apps Only?
  • 25. Use 3rd Party Federation: SP for Heterogeneous Apps? Many On-Premises Connections to SaaS Apps?
  • 27. Azure MFA • Second factor authentication for all Azure AD-integrated resources • Originally acquired from PhoneFactor • Focuses on phone • Smart (voice, SMS, app) • Feature (voice, SMS) • Landline (voice) • Soft token in the app Azure Active Directory
  • 28. Azure MFA vs. MFA Server • Azure MFA service • Protects Azure AD-integrated resources • MFA Server • Hybrid solution • On-premises server(s) • Protects on-premises services • VPN, Remote Desktop, IIS apps • Can protect Azure AD resources (with AD FS) Azure Active Directory
  • 29. Which Type Of MFA Do I Need? It’s (mostly) about where the IdP is • Microsoft cloud (Azure AD): Azure MFA • On premises (AD FS): MFA Server or 3rd party
    Resource Protected | Azure MFA | MFA Server
    Azure AD IdP:
      Azure AD native AuthN | X |
      Office 365 | X | X (if AD FS)
      Azure AD-integrated SaaS apps (per app basis) | X |
      On-premises apps published to Azure AD via Azure App Proxy | X |
    On-premises (e.g. AD DS) IdP:
      Azure AD AuthN (via AD FS) | | X
      VPN access to corpnet | | X
      Remote Desktop to corpnet | | X
      IIS applications | | X
      SP-initiated SaaS login via AD FS | | X
  • 30. Directions & Recommendations • Where is this hybrid product going? • Overall solution will incrementally gain capabilities • Azure MFA is the strategic service • MFA Server is stable but not being enhanced • Capabilities are being picked up by other services • AD FS 2016 built-in Azure MFA adapter • Prediction: Connector tech (like AAD App Proxy) to replace other capabilities • Recommendations • Azure MFA very smartphone focused • Bundling with other services makes pricing attractive • Only option for fine-grained MFA in Microsoft Online Services
  • 32. Shortcomings of Traditional B2B Models Federation partnerships • Infrastructure requirements • Scaling issues • Limited partner visibility Internal partner directories • Lifecycle management issues • Attack vector
  • 33. Microsoft’s B2B Model • 10 Million organizations in Azure AD today… • …Why not use Azure AD for the B2B infrastructure? • B2BaaS • If you aren’t in Azure AD…we’ll add you automagically • Partner org identities made available to you • You control access • They control their identities
  • 34. Azure B2B Access Model • Invite: creates CSV file of invited partner employees; uploads to Azure – invites are sent • Accept: invitee accepts invitation; if in Azure AD: sign in; not in Azure AD: sign up / viral tenant created • Access: invitee created as external user in inviter’s directory; access granted to user
  • 35. Strengths • B2B infrastructure is handled for you • Scalable to many partners • You control access without managing their identities • Supports • SaaS apps • Azure services • Other claims-aware apps • Essentially free to Azure AD-using organizations
  • 36. Current Flat Spots • External user is copied from partner directory, not linked • Outside of identity lifecycle management • User authenticates against their home directory • Can delete • No attestation yet • CSV file • PowerShell, invite API not yet supported • Does not support social email providers yet (e.g. gmail)
  • 37. Stuff We Didn’t Get To • Azure AD Domain Services • Graph API for provisioning • Adaptive/Conditional Access • OpenID Connect • SSO to On-Premises Applications (App Proxy)

Editor's notes

  1. The more observant of you may have noted that my esteemed co-presenter, Mark Diodati of Gartner, is not here. He had to cancel at the last minute, thanks to a careless cyclist on the wrong side of the bike trail, and had surgery on his shoulder yesterday, so send him your best wishes. As a result, I’ll be presenting Mark’s material. Unfortunately I didn’t have time to come up with one of Mark’s trademark sweater vests! He does give his best regards to all and wishes he could be here. I’ve done my part to make him feel included < show photo > so if you have any questions I can’t answer, I’ll just pretend that’s Mark’s material so you can talk to the photo! It’s impossible to survey Azure AD and o365
  2. Big: https://blogs.technet.microsoft.com/ad/2016/05/05/major-coolness-microsoft-security-intelligence-report-20-highlights-azuread-identity-protection/ 100K customers syncing: https://blogs.technet.microsoft.com/ad/2016/04/13/100000-customers-are-syncing-on-premises-directories-with-azure-ad/
  3. https://blogs.technet.microsoft.com/enterprisemobility/2016/01/05/best-way-to-connect-to-office-365-and-azure-ad-latest-data-azure-ad-connect-momentum/ Big: https://blogs.technet.microsoft.com/ad/2016/05/05/major-coolness-microsoft-security-intelligence-report-20-highlights-azuread-identity-protection/ 100K customers syncing: https://blogs.technet.microsoft.com/ad/2016/04/13/100000-customers-are-syncing-on-premises-directories-with-azure-ad/ Large tenants make up 91% of all users
  4. Gartner’s forward-thinking clients are starting to look at IAM not as a pure service unto itself any more, but built into an IaaS. This speaks well for Azure AD for its IAM capabilities such as Azure AD Domain Services. AWS doesn’t have an identity store with real users, and doesn’t have an OpenID Connect or SAML identity provider (it’s a SAML service provider but not an identity provider). The duopoly that’s emerging is that Azure AD wins on identity features, but AWS wins on IaaS features because of its depth and breadth of services.
  5. A very common question from Gartner customers is… Must have users in local identity store because there’s no way that Azure AD is going to reach back into your on-premises AD at run time because they’d be on the hook for YOUR availability, e.g. firewall, network connectivity, DC availability, against their SLA. All SaaS providers work this way.
  6. Okta and Centrify can do this too.
  7. Password hash sync is a capability that no other identity bridge provider can do, because of Microsoft’s ownership of on-premises AD and Azure AD. Synching the AD password hash – it can be captured and written into the Azure AD credential cache to provide a consistent sign-on (not single) experience. If a third party wanted to do this, you’d have to force users through their portal where the password could be captured, or install filters on every DC in the domain. Possible, but very difficult.
  8. If you aren’t connecting to SaaS apps from on-premises, only from Azure AD, AD Connect is fine because it only syncs to Azure AD. If you’re doing local connections you need a more fully-featured synchronizer.
  9. If you’re happy with your IGA system, and it has a connector to provision to Azure AD, use it. If it doesn’t provision, use IGA to manage on-premises in conjunction with AD Connect to sync with Azure AD.
  10. Radiant Logic, PingFed 17:00 If you’re provisioning to an existing set of apps, aint br
  11. What’s new in AD FS 2016: https://technet.microsoft.com/en-us/library/mt617220.aspx
  12. What’s the need for B2B? Companies collaborating with other companies: getting the talent, spreading the risk, supply chain networks, partners. The need: cross-org collaboration with clear security between what’s allowed and what’s not. Traditional B2B access control models have a number of shortcomings. Inter-org federation partnerships: require sophisticated infrastructure for the (perhaps small) partner; complexity grows linearly and gets unwieldy for large corporations; very limited partner user-level visibility (just what’s in the security token). Internally managed partner directories: more creds for partners to remember, lose, get stolen; typically not managed as closely as employee accounts = attack vector; not connected to the partner’s identity lifecycle, thus not kept current (zombies). “The hackers that carried out the massive data breach at Target Corp. appear to have gained access via a refrigeration contractor in Pittsburgh that connected to the retailer's systems to do electronic billing.” – Wall Street Journal. “Criminals used a third-party vendor's user name and password to enter the perimeter of Home Depot's network.” – Home Depot. “If I want to attack Fort Knox and I know they have locks and guards and strong security, it is easier to attack one of their providers who already have access to the gold.” – James Christiansen, VP, Accuvant
  13. Invitation: Azure AD > Users > Add Users > Users in partner companies > upload file > click on link for batch status report as invitations are sent out
  14. External user management and limitations: https://azure.microsoft.com/en-us/documentation/articles/active-directory-create-users-external/#external-user-management-and-limitations CSV file is the source for invitations. Apps and groups partner users are assigned to are stored in the list as AppPrincipalID and ObjectIDs, which must be looked up via PowerShell.