Azure AD-related announcements from RSA Conference 2021

Microsoft’s contribution to the virtual 2021 RSA Conference, held from May 17, 2021 to May 20, 2021, centered on the principle of Zero Trust. Accordingly, several Azure AD announcements were made that fit the principles of Zero Trust.

Azure AD features, announced at RSA 2021

Microsoft announced the following new Azure AD features:

GPS-based named locations Public Preview

Microsoft announced the GPS-based Named Locations functionality for Conditional Access at the 2021 RSA Conference. This feature follows Zero Trust’s Verify explicitly principle.

It enables organizations to require location services on mobile devices running Microsoft’s Authenticator app. The feature goes beyond country locations based on IP address ranges: it verifies that people are within the geographic boundaries of a country before access is granted or restricted.

Filters for devices condition Public Preview

Microsoft announced filters for devices for Conditional Access at the 2021 RSA Conference. Through a new rule builder using specific properties for devices like DisplayName, OperatingSystemVersion and TrustType, devices can be filtered to target policies granularly to some devices, or exclude certain devices from targeting.
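As an added illustration (not taken from Microsoft's announcement), the following shows how a device filter can appear inside a Conditional Access policy as represented in Microsoft Graph. The policy name, the "PAW-" device naming convention and the choice of a block control are assumptions made for this example.

```json
{
  "displayName": "EXAMPLE - Block access except from hybrid-joined PAW devices",
  "state": "enabledForReportingButNotEnforced",
  "conditions": {
    "users": {
      "includeUsers": ["All"]
    },
    "applications": {
      "includeApplications": ["All"]
    },
    "devices": {
      "deviceFilter": {
        "mode": "exclude",
        "rule": "device.trustType -eq \"ServerAD\" -and device.displayName -startsWith \"PAW-\""
      }
    }
  },
  "grantControls": {
    "operator": "OR",
    "builtInControls": ["block"]
  }
}
```

Because the filter mode is "exclude", devices matching the rule are left out of the block policy while all other devices are targeted. The report-only state allows the effect to be reviewed in the sign-in logs before the policy is enforced.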

Authentication Context Public Preview

Admins can now create Authentication Context to dynamically trigger a Conditional Access policy, when sensitive content in applications, services and/or systems is accessed. This extends Conditional Access’ functionality with step-up authentication requiring a compliant device, a GPS-based location or other controls.

One use case that is already available today is using Authentication Context in Conditional Access when a sensitive file is accessed, integrated with Cloud App Security and Microsoft Information Protection.

Azure AD login for Linux and Windows VMs in Azure Public Preview

Azure Infrastructure as a Service (IaaS) now supports Azure AD logins for RDP to Windows 10 and Windows Server 2019-based virtual machines. This feature also includes using Azure AD logins with SSH certificate-based authentication to SSH into Linux virtual machines.

This feature eliminates the need to create local accounts on these types of virtual machines, reducing both the attack surface and the burden of managing local accounts.
