Baseline security policy for Azure AD admin accounts in public preview!

%3CLINGO-SUB%20id%3D%22lingo-sub-207127%22%20slang%3D%22en-US%22%3EBaseline%20security%20policy%20for%20Azure%20AD%20admin%20accounts%20in%20public%20preview!%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-207127%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%3EIdentity%20attacks%20have%20increased%20by%20300%25%20in%20the%20last%20year.%20To%20protect%20our%20customers%20from%20these%20ever-increasing%20attacks%2C%20Microsoft%20is%20embarking%20on%20a%20journey%20to%20rollout%20baseline%20protection.%20To%20that%20end%2C%20I%E2%80%99m%20excited%20to%20announce%20today%20the%20public%20preview%20of%20the%20first%20baseline%20policy%20to%20protect%20privileged%20Azure%20AD%20accounts.%3CBR%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22%22%3EThis%20baseline%20policy%20will%20be%20available%20by%20default%20to%20all%20Azure%20AD%20tenants%20and%20will%20require%20MFA%20for%20privileged%20Azure%20AD%20accounts.%20Attackers%20who%20get%20control%20of%20privileged%20accounts%20can%20do%20tremendous%20damage%2C%20so%20it%E2%80%99s%20critical%20to%20protect%20these%20accounts%20first.%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22%22%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20518px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F36530i8C32E0B421D9C207%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20alt%3D%22062218_1749_Baselinesec1.png%22%20title%3D%22062218_1749_Baselinesec1.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22%22%3ERead%20more%20about%20it%20in%20the%20Enterprise%20Mobility%20%2B%20Security%20blog.%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-207127%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20AD%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIdentity%20Management%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-213259%22%20slang%3D%22en-US%22%3ERe%3A%20Baseline%20security%20policy%20for%20Azure%20AD%20admin%20accounts%20in%20public%20preview!%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-213259%22%20slang%3D%22en-US%22%3E%3CP%3EWill%20there%20be%20a%20way%20to%20programatically%20add%20Trusted%20locations%20for%20O365%20tenants%20as%20soon%20as%20this%20policy%20is%20rolled%20out%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Factive-directory-conditional-access-locations%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Factive-directory-conditional-access-locations%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Community Manager

Identity attacks have increased by 300% in the last year. To protect our customers from these ever-increasing attacks, Microsoft is embarking on a journey to rollout baseline protection. To that end, I’m excited to announce today the public preview of the first baseline policy to protect privileged Azure AD accounts.

 

This baseline policy will be available by default to all Azure AD tenants and will require MFA for privileged Azure AD accounts. Attackers who get control of privileged accounts can do tremendous damage, so it’s critical to protect these accounts first.

 

062218_1749_Baselinesec1.png

 

Read more about it in the Enterprise Mobility + Security blog.

1 Reply
Highlighted

Will there be a way to programatically add Trusted locations for O365 tenants as soon as this policy is rolled out?

 

https://docs.microsoft.com/en-us/azure/active-directory/active-directory-conditional-access-location...