From: Architecting Zero Trust: Crafting Baseline Conditional Access Policies with Intune
applicationcreative

How can I use Conditional Access to enable new, secure ways of working?

Conditional Access is not just about blocking; it's also about enabling secure flexibility. For example, you can allow users to access specific, less sensitive applications from their personal devices, but only if those devices are enrolled in Intune's App Protection Policies (MAM) and the apps are protected. Or, you can enable remote work from anywhere in the world, while dynamically requiring MFA and blocking access to highly sensitive systems if the location is deemed high-risk by Azure AD Identity Protection.

Action

Consider a 'stretch' goal: How can you leverage Conditional Access to securely enable a business process that currently feels too risky (e.g., allowing specific contractor access without VPN, enabling BYOD for certain roles)? Design a hypothetical policy for it.

Read the full exploration
What else is in this exploration
4 evidence blocks4 perspectives4 visualizations3 media resources8 rabbit holes
evidence
Conditional Access is the 'If-Then-Else' statement of Microsoft's identity security, evaluating a...
evidence
The 'Report-only' mode is crucial for testing Conditional Access policies and understanding their...
evidence
Baseline Conditional Access policies should typically enforce Multi-Factor Authentication (MFA) f...
Sign up to unlock
Continue exploring
Architecting Zero Trust: Crafting Baseline Conditional Access Policies with Intune
Evidence, perspectives, rabbit holes, and more