Improved security enhancements for management of the cloud based AZURE environment were recently announced by Microsoft
Microsoft this week announced Azure Active Directory enhancements for organizations that likely will better address some security and compliance issues. The enhancements include a new Multifactor Authentication Server Migration Utility, an Azure AD Kerberos preview for Azure Filesusers, plus the ending of unmanaged accounts for users of the Azure AD B2B service.
1. MFA Server Migration Utility – Microsoft has released a new Multifactor Authentication Server Migration Utility, which aims to help organizations shift from using the on-premises MFA Server to using the Azure MFA service. The utility is said to not require re-registration by end users after making a shift to the Azure MFA service. It allows IT pros to test things in staged rollouts before fully implementing the change
2. Azure Files and Kerberos Security Preview — Microsoft also this week announced that Azure Files is now integrated with Azure AD Kerberos for use when organizations are using a “hybrid” (cloud plus on-premises) approach to controlling identity and access management.
3. Azure AD B2B and Unmanaged Accounts — Microsoft also this week indicated that it’s ending the user option to use “unmanaged accounts” when accessing resources via Microsoft’s Azure Active Directory B2B (“Business to Business”) sharing service. These un-managed accounts could get created using a capability that enabled “self-service sign-up for email-verified users,” Microsoft explained. It was a quick way for Azure AD B2B-invited guests to access resources, but it apparently became a compliance nightmare.