The “Top 10 actions to secure your environment” series outlines fundamental steps you can take with your investment in Microsoft 365 security solutions. In “Step 4. Set conditional access policies,” you’ll learn how to control access to your apps and corporate resources using conditional access policies, and how these policies can block legacy authentication methods and control access to SaaS apps.
In today’s workplace, users can work from anywhere, on any device, whether they are using a company-provided laptop at the office, working from home, traveling for business, or using a personal mobile phone. And they expect to seamlessly access what they need to get work done. While the need for productivity may not change with circumstances, the level of risk of each sign-in does. It is critical to safeguard your identities, but it is not enough. You also need flexible security policies that are responsive to conditions. Azure AD conditional access lets you apply security policies that are triggered automatically when certain conditions are met. You can block access if the data suggests the user has been compromised or if it’s highly unlikely that the user would sign in under those conditions. You can enforce additional authentication requirements when the system detects a medium risk based on the sign-in conditions.