home.social
Sign in Create account

#conditionalaccess โ€” Public Fediverse posts

Live and recent posts from across the Fediverse tagged #conditionalaccess, aggregated by home.social.

  1. Daniel Keer @[email protected] ยท

    ๐Ÿšจ Entra ID External MFA (old name was External Authentication Methods) is now Generally Available.

    Custom Controls is being deprecated on 30 Sept 2026.

    Here's how to check your usage.

    thedxt.ca/2026/03/microsoft-en

    #Entra #MFA #M365 #Microsoft #Microsoft365 #ConditionalAccess

    #entra #mfa #m365 #microsoft #microsoft365 #conditionalaccess
  2. Lukas Beran @[email protected] ยท

    ๐‡๐จ๐ฐ ๐‚๐จ๐ง๐๐ข๐ญ๐ข๐จ๐ง๐š๐ฅ ๐€๐œ๐œ๐ž๐ฌ๐ฌ ๐๐จ๐ฅ๐ข๐œ๐ข๐ž๐ฌ ๐€๐ซ๐ž ๐„๐ฏ๐š๐ฅ๐ฎ๐š๐ญ๐ž๐ ๐ข๐ง ๐Œ๐ข๐œ๐ซ๐จ๐ฌ๐จ๐Ÿ๐ญ ๐„๐ง๐ญ๐ซ๐š ๐ˆ๐ƒ

    Understanding how Conditional Access policies are evaluated in Microsoft Entra ID is absolutely essential if you are involved in their creation or management.

    I often encounter fundamental misunderstandings regarding how the evaluation of Conditional Access policies takes place. Many administrators are accustomed to systems like firewalls, where there is an order or priority for evaluating created rules. However, it does not work this way with Conditional Access policies in Microsoft Entra ID. Applying the same principle to Conditional Access policies will very likely lead to significant security risks.

    Read my blog post bellow ๐Ÿ‘‡ ๐Ÿ‘‡
    cswrld.com/2026/02/how-conditi

    #cswrld #entraid #securitytips #conditionalaccess

    #cswrld #entraid #securitytips #conditionalaccess
  3. Lukas Beran @[email protected] ยท

    ๐—›๐—ผ๐˜„ ๐˜๐—ผ ๐—ฏ๐—น๐—ผ๐—ฐ๐—ธ ๐˜‚๐—ป๐—ธ๐—ป๐—ผ๐˜„๐—ป ๐—ฝ๐—น๐—ฎ๐˜๐—ณ๐—ผ๐—ฟ๐—บ๐˜€ ๐—ถ๐—ป ๐— ๐—ถ๐—ฐ๐—ฟ๐—ผ๐˜€๐—ผ๐—ณ๐˜ ๐—˜๐—ป๐˜๐—ฟ๐—ฎ ๐—œ๐——

    Under conditional access policies, it is possible to block individual device platforms. In general, it is a good idea to eliminate all ways that a potential threat actor could use to compromise the environment. In other words, block everything that is not needed.

    This also applies to device platforms within Microsoft Entra ID. For example, if your organization only uses Windows, iOS, and Android, it's a good idea to disable all other platforms. If you also use macOS, you need to add macOS as well, of course.

    What I would definitely recommend blocking is Windows Phone and other unknown platforms. Unrecognized / unknown platforms are usually spoofed User Agents, which is mainly used by threat actors.

    ๐Ÿ“บ Watch my YouTube video bellow ๐Ÿ‘‡ ๐Ÿ‘‡
    youtu.be/vFhQgwXmqTo

    #cswrld #videotutorial #entraid #conditionalaccess #platforms #blocking

    #cswrld #videotutorial #entraid #conditionalaccess #platforms #blocking