Remote Work

Azure remote security

For many organizations, remote work has become a critical capability. It is important to maintain the security posture of vital cloud assets such as Azure Active Directory (AD) while enabling remote workers to access them. Misconfiguration of security controls and poor password practices could cause several data breaches.

To improve Azure AD security score and enhance the identity protection of users, enabling multi-factor authentication (MFA) should be your top priority. While you can enable MFA for users in Azure AD, the authentication methods supported by it are inadequate and the configuration is inflexible.

Improving Azure AD security score with ADSelfService Plus

ADSelfService Plus, an integrated Active Directory self-service password management and single sign-on solution, helps enable multi-factor authentication for on-premises AD users who access Azure AD. This solution supports eighteen authentication methods. You can enable different authentication methods for different sets of users by creating OU and group-based policies.

The list of supported authentication methods includes:

• Security Questions and Answers
• Email Verification
• SMS Verification
• Google Authenticator
• Microsoft Authenticator
• Duo Security
• RSA SecurID
• RADIUS Authentication
• Push Notification Authentication
• Fingerprint/Face ID Authentication
• QR Code-Based Authentication
• TOTP Authentication
• SAML Authentication
• AD Security Questions
• YubiKey Authentication
• Smart Card Authentication
• Custom TOTP Authenticator

In addition, Azure access control decisions can also be automated based on risk factors like device used, time of access, IP address, and user's geolocation with the Conditional Access feature. Password synchronization can also be performed for Azure, Active Directory and other on-premises and cloud applications.