<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Azure AD on Anything About IT</title><link>https://www.verboon.info/tags/azure-ad/</link><description>Recent content in Azure AD on Anything About IT</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Sat, 10 Oct 2020 14:14:12 +0000</lastBuildDate><atom:link href="https://www.verboon.info/tags/azure-ad/index.xml" rel="self" type="application/rss+xml"/><item><title>Monitoring Service principal sign-ins with AzureAD and Azure Sentinel</title><link>https://www.verboon.info/2020/10/monitoring-service-principal-sign-ins-with-azuread-and-azure-sentinel/</link><pubDate>Sat, 10 Oct 2020 14:14:12 +0000</pubDate><guid>https://www.verboon.info/2020/10/monitoring-service-principal-sign-ins-with-azuread-and-azure-sentinel/</guid><description>&lt;p&gt;Here is a conversation between Jeffrey (Developer) and Marc (IT Admin) working for ECorp Ltd.&lt;/p&gt;
&lt;p&gt;
 &lt;img src="images/101020_1404_MonitoringS1.png" alt=""&gt;

&lt;/p&gt;
&lt;p&gt;Looks familiar? Take a look in your Azure Active Directory: how many applications do you have there? In an ideal world you maintain an inventory of all these applications somewhere in your asset management database, so that you know who owns each application, what it is used for and what API permissions are granted. As for the client secret, this should be stored in a vault.&lt;/p&gt;</description></item><item><title>How to monitor your Azure AD emergency account with Cloud App Security</title><link>https://www.verboon.info/2019/01/how-to-monitor-your-azure-ad-emergency-account-with-cloud-app-security/</link><pubDate>Wed, 09 Jan 2019 21:11:35 +0000</pubDate><guid>https://www.verboon.info/2019/01/how-to-monitor-your-azure-ad-emergency-account-with-cloud-app-security/</guid><description>&lt;p&gt;As a best practice you should have at least one or two emergency accounts in your Azure Active Directory. You would use these accounts when a configuration mistake has inadvertently locked you out of Azure Active Directory, or when for some reason you can&amp;rsquo;t use MFA, which should be enabled on all administrative accounts.&lt;/p&gt;
&lt;p&gt;For more guidance about creating emergency accounts I suggest you read &lt;a href="https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-emergency-access"&gt;Manage emergency access accounts in Azure AD&lt;/a&gt;.&lt;/p&gt;</description></item><item><title>Stay in Control of AzureAD Enterprise Application registrations with Cloud App Security</title><link>https://www.verboon.info/2018/12/stay-in-control-of-azuread-enterprise-application-registrations-with-cloud-app-security/</link><pubDate>Mon, 10 Dec 2018 22:33:04 +0000</pubDate><guid>https://www.verboon.info/2018/12/stay-in-control-of-azuread-enterprise-application-registrations-with-cloud-app-security/</guid><description>&lt;p&gt;Azure Active Directory offers a simple process that gives users a single sign-on (SSO) experience for accessing cloud-based applications with their AzureAD identity. This is a great capability, as it removes the need for users to manage multiple identities while enterprises keep visibility of, and if needed control over, which applications their employees use.&lt;/p&gt;
&lt;p&gt;By default, all users within Azure Active Directory have the right to register an application, and users can consent to apps accessing company data on their behalf.&lt;/p&gt;</description></item></channel></rss>