New Microsoft Entra features strengthen identity security – Technology Microsoft
– Deidre Richardson
When you use entitlement management in Identity Governance to create an access package with specific applications and expiration settings, you can now require a Verified ID as part of the approval workflow.4 With entitlement management, you can make the onboarding process completely digital and self-serve—no admin required.5 New users get an automated welcome email with a link to the My Access portal.You can also require it for external users and for users who have to move between different Microsoft cloud instances to collaborate, for example, between government and commercial clouds.9
In addition, with Conditional Access for high-risk actions, you can now require phishing-resistant multifactor authentication for sensitive actions, such as modifying access policies, and coming soon, adding a new credential to an application or changing federated trust configuration.Third-party apps can adopt CAE through Microsoft Services Authentication Library.11
While closing the token replay window is a big step forward, we’re also working to make sure it never opens in the first place through a new capability called Token Protection.12 This adds a cryptographic key to issued tokens that blocks attackers from replaying them on a different device, which is like having a credit card that instantly deactivates if someone steals it from your wallet.To help you find vulnerable areas in your environment, we’re adding an overview dashboard to the Microsoft Azure Active Directory Conditional Access blade that summarizes your policy posture, identifies unprotected users and apps, provides insights and recommendations on Conditional Access coverage based on sign-in activity, and helps you investigate the impact of individual policies.March 9, 2023.March 9, 2023.
Link: https://www.inferse.com/692446/new-microsoft-entra-features-strengthen-identity-security-technology-microsoft/