If you have Microsoft Defender for Endpoints configured (I truly recommend this!), you could also require the device to be under the machine risk score “ Clear”. Looking at the compliance policies above, you will have noticed the “Require Minimum ATP” (Take A look at my Github page for these compliance policies) I am combining Microsoft their PAW Compliance rules with mine. The first thing we need to do to start securing your Tenant is configure your Conditional Access (CA) rules and create some nice compliance policies.įirst, let’s take a look at some compliance policies. Compliance Policies and Conditional Access So how are we going to do this? I will try to guide you through the whole setup, step by step. You really don’t want an IT operator logging into a nonsecured device and logging in to Azure as a global admin. From there on, you can put up more Security fences and improve your level of security and reach the Specialized Security level for your normal users.Īs mentioned earlier, you really want to have a totally locked-down device (PAW) for your IT operators. The security Model starts with the Enterprise Security level, which fits almost all Enterprise users. When you become a difficult target to breach, the attacker must spend more time and money to achieve their objectives. And it’s all about return on investment (ROI). Looking at the picture above, you will have noticed the “dollar signs” the higher you get the more defenses are in place and the more it will cost the attacker to breach your security. There are 3 levels of security you can choose from. Configuring a secured workstation is the way to go. You really want to make sure your sensitive users/It operators can only login into the most secure device possible. ![]() I guess the best way to describe it, is being Groot. So what are sensitive users? These users are your superusers, your it operators. You will need to protect your sensitive users from attackers who want to compromise your devices! ![]() With this strategy, you are making sure you are lowering the risks of an attack on your privileged users. It’s a part of your Privileged Access strategy. ![]() The PAW level is the most restrictive one! The PAW concept describes the requirement of IT Operators/Administrators to have a totally locked down workstation dedicated and only to be used for an administrative activity. So what means PAW? PAW stands for Privileged Access Workstation.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |