Many organisations restrict access to Office 365 services and applications from unmanaged or non-compliant endpoints through the use of Azure AD conditional access policies. In additional to these traditional conditional access policies, Cloud Apps Security (CAS) extends these capabilities with additional features, including custom block messages and custom alerts surfaced from within the CAS administration portal.
CAS policies are broken down into session policies (those which affect web browser sessions) or access policies (those which affect desktop applications) and are applied to access attempts against Office 365 applications and services such as Microsoft OneDrive for Business, Microsoft Exchange Online, Microsoft SharePoint Online, and Microsoft Teams.
Microsoft Licensing visualisations for December 2020.
Licensing information based of Aaron Dinnage’s licensing information, this version provides a different style of visualisation for M365 licensing only. Aaron’s page contains more license types, more information below on how to access his Git repository.
Download Microsoft 365 Licensing Visualisation : Click here to download
Included License Types:
Microsoft Office E3 Microsoft Office E5 Azure AD Premium P1 Azure AD Premium P2 Enterprise Mobility + Security E3 Enterprise Mobility + Security E5 Windows 10 E3 Windows 10 E5 Microsoft 365 E5 Security Microsoft 365 E5 Compliance Information Protection & Governance Insider Risk Management eDiscovery & Audit Microsoft 365 E3 Microsoft 365 E5 Additional notes:
Microsoft’s Cloud Apps Security (MCAS) extends the conditional access configuration and alerting capabilities provided by Azure Active Directory. Many organisations rely on conditional access to control the devices people use to access corporate data, and in many instances to block access if devices do not meet compliance requirements.
But what happens if blocking access from unmanaged devices is too restrictive? What if an organisation needs to continue to support access from these devices and can access be enabled in a secure manner?
In recent weeks due to global circumstances there is much chatter surrounding the need for people to work from home and the impact this type of decision has on the ability for people to successfully complete their work within these constraints. Whilst working from home is not a new concept and many organisations allow for staff to work from locations other than their typical central office location, for many people this arrangement may be for a single day per week, less frequently, alternatively for some they make a deliberate choice to always leave home each day and be present at the office.
Understanding who has access to your resources Securing and managing membership of privileged groups and roles should be a priority for every organisation. Privileged groups and roles, those which provide elevated access to resources of which may be of sensitive or confidential nature, are vital for any IT department to function and provide administrators access to the services and data supporting the business.
Traditionally, IT departments utilise a security model whereby administrative permissions are permanently assigned irrespective of how often they are required, or accounts may have access enabled and revoked on an as needed basis, which is a manual process subject to human error.