Level up identity protection: building a modern ITDR practice
Event Ended
Wednesday, Dec 06, 2023, 09:00 AM PST
Attackers don’t break in, they log in. Get an in-depth look at Microsoft's point of view on identity threat detection and response (ITDR). Identities have become the new corporate security boundary a...
Heather_Poulsen
Updated Dec 27, 2024
jeffjerousek
Dec 06, 2023
Copper Contributor
What is Microsoft's current recommendation for bringing MFA to on-prem admin accounts like Domain Admins without syncing to Entra ID?
Chris Ayres
Microsoft
Dec 14, 2023
Hi Jeff, the current design pattern for this is to have one account that is synced to Entra, to which we can apply MFA, and a secondary account that is used for the actual privileged action on the end service. The first account is used to actually allow the network path to be opened, and the second account is the priv account then used for performing whatever the necessary action is. With the enforcement options we are building on the DC side, what that would mean is that without first going through Entra Private Access and authenticating the network path, the connection would not be allowed, mitigating any risks of going direct to the service.