Identity-related sessions at the Workplace Ninja Virtual Edition 2021

Reading Time: 5 minutes

WorkPlace Ninja's

The Workplace Ninja's share knowledge with the community and make Workplace Management with Microsoft Technologies simpler for everybody. Now, Mirko, Thomas and Seraina are gearing up for their 2021 Workplace Ninja Summit.

About the Workplace Ninja Summit

The Workplace Ninja events are community driven and focused on spreading knowledge to the attendees. The main topics are ConfigMgr, EMS, Identity, PowerShell and Microsoft Threat Protection. Fun sessions bring all WPNinjas together and create an inspiring atmosphere to network with others who take care of the same topics in their organizations.

The 2021 Workplace Ninja Virtual Edition takes place between August 31st and September 2nd, 2021. It features over 80 45-minute level 300-500 sessions.

Identity-related sessions

During the Workplace Ninja Summit, you can enjoy the following free Active Directory and Azure AD-related sessions via Microsoft Teams:

Spy vs. Spy – Azure AD identities attack and defense

Speakers: Michael Rueefli and Alain Schneiter
Date: Tuesday August 31, 2021 2 PM
Location: Room 2
Duration: 45 minutes

In this session Alain and Michael will show different attack vectors towards Azure AD identities and how to protect yourself and your customers from these type of attacks in a "good-guy/bad guy" role play.

Gaining visibility into App Registrations and Enterprise Applications

Speaker: Thijs Lecomte
Date: Tuesday August 31, 2021 3 PM
Location: Room 1
Duration: 45 minutes

App Registrations and Enterprise Applications are a really important feature within Azure AD, for both integration and authentication. They will also replace the service accounts of the on-premises world.

It is important to manage and obtain control over them. By default every user in your organization can add them and control them. In this session Thijs goes over:

  1. What are app registration and enterprise applications?
  2. What is the threat in them?
  3. How to manage end-user requests for enterprise applications
  4. How to monitor Enterprise Applications sign-ins

Securing your privileged identity and access in Azure AD

Speaker: Thomas Naunheim
Date: Tuesday August 31, 2021 7 PM
Location: Room 1
Duration: 45 minutes

Privileged accounts and access needs particular attention alongside of the regular protection of user accounts in Azure Active Directory. Over the last years Microsoft releases many design principles, best practices and security concepts for securing privileged access in Microsoft Azure (such as "Enterprise Access Model" as evolution of the ESAE approach).

In Thomas' session he speaks about the latest aspects, considerations and solution approaches to protecting privileged identities and access in Microsoft Azure:

  • Customizing and Designing of Azure and Azure AD RBAC concept
    (Custom roles, security considerations of built-in roles)
  • Adoption of Enterprise Access Model in Azure AD
  • Reduce the exposure time of privileges (Azure AD PIM)
  • Managed Access Package for Privileged Access Groups and Roles
  • Protecting privileged accounts with advanced Conditional Access and MFA (including passwordless options)
  • Access to Azure resources from a secure admin workstation


Employee offboarding – organizational and technical considerations

Speakers: Marijn Somers and Corinna Lins
Date: Tuesday August 31, 2021 7 PM
Location: Room 2
Duration: 45 minutes

A lot has been written and said on getting new users into your company, but what if they (need to) leave? How do you make sure that their knowledge stays in the organization? What actions do you need to take to make sure they don't run off with your data?

In this session, Corinna and Marijn will depart ways. They will take you on a journey on all the considerations and action items you need to take to gracefully onboard employees. You will learn:

  • The necessary steps to stop users from logging in, retain data, and keep processes running
  • Best practices to offboard people from an organizational perspective

Understanding hybrid Azure AD join and co-management

Speakers: Herman Arnedo Mahr and Cristina Osorio Valenzuela
Date: Wednesday September 1, 2021 1 PM
Location: Room 3
Duration: 45 minutes

As we talk with organizations that are using Microsoft Endpoint Manager to deploy, manage, and secure their client devices, we often get questions regarding co-managing devices and hybrid Azure Active Directory (AD) joined devices.

Many customers confuse these two topics – the first is a management option, while the second is an identity option. In this session, we hope to clear up any confusion and give guidance and scenarios on how to use both to manage and protect your devices.

From On-Prem to the Cloud. Hybrid AD attack path

Speaker: Sergey Chubarov
Date: Wednesday September 1, 2021 5 PM
Location: Room 1
Duration: 45 minutes

Most businesses today use hybrid cloud and many of us will retire before companies fully migrate to the cloud. Cloud identity service Azure AD provides protection from advanced cybersecurity attacks, but what additional challenges appear when integrating with on-prem AD?

Let's check that out in advanced scenario-based session. Live demos only.

The session contains:

  • Getting Domain Admin through Azure AD Connect
  • Getting Domain Admin through Azure AD Connect Cloud Sync (new offering)
  • Bypass Azure AD authentication & MFA
  • Azure reconnaissance with AzureHound

Deep Dive into Azure AD Conditional Access

Speaker: Thomas Naunheim
Date: Wednesday September 1, 2021 5 PM
Location: Room 2
Duration: 45 minutes

Conditional Access Policies in Azure AD allows to empower users to be productive wherever and whenever but also protect the organization's assets. It's an essential component of the identity-driven security approach in Azure Active Directory. It also plays an important role as "Policy Engine" in Zero Trust implementations to "always verify" access by context and control.

Capabilities to manage policies at scale but also Integration of "Azure AD Identity Protection" or "Microsoft Cloud App Security" should be considered in your implementation.

In this session we will do a walkthrough to design, manage and monitor "Conditional Access Policies" including hands-on demos, known limitations and notes from the field:

  • Overview of Conditional Access Policies
  • Design and Implementation
  • Extension of Conditions and Controls
  • Monitoring and Reporting

Kickstart your Identity Governance practice in 45 minutes, where to start?

Speakers: Pim Jacobs and Ronny de Jong
Date: Thursday September 2, 2021 1 PM
Location: Room 2
Duration: 45 minutes

Starting your Identity Governance practice can be complicated, but if you take the right approach it’s not as hard as you think, either. Identity Governance exists of multiple components to govern your identity base, this by using identity lifecycles, access lifecycles and just-in-time access features for user and guest accounts.

During this session you will learn how to get started with your Identity Governance implementation. Get back into control as an IT administrator when it comes to the identities you’re managing and even better how to make your life easier by enabling Identity Governance self-service features for your end users.

After this sessions you will know what you need to do to implement an Identity Governance Strategy in your environment and what the best approach would be to go from start to finish. This is a must visit session for IT Administrators who wants to ensure right controls are in-place for secure productivity!

Optimize user onboarding/Offboarding with Azure Identity Governance

Speaker: Nicklas Ahlberg
Date: Thursday September 2, 2021 4 PM
Location: Room 2
Duration: 45 minutes

User onboarding and offboarding are often forgotten. A good onboarding experience is welcoming to the new user and allows for us to keep track of access and privileges. A good offboarding is important to make sure access and privileges are deleted.

In this session we will learn how to create and use Catalogs and Access Packages to allow for an optimized user experience for both internal and external users. We will keep track and review access using “Access Reviews”.

What’s new in Implementing a passwordless practice, how hard can it be?

Speakers: Pim Jacobs and Ronny de Jong
Date: Thursday September 2, 2021 5 PM
Location: Room 2
Duration: 45 minutes

Eliminating passwords isn’t easy, but it’s also probably not as hard as you think, either. A variety of passwordless authentication options made available to kill passwords, so users can use strong authentication methods like the Microsoft Authenticator app, Windows Hello or FIDO2 Security Keys.

During this session you'll learn how to successfully implement an effective passwordless practice and eliminate passwords in a phased approach. We'll cover the latest functionalities which have been recently added, various use-cases and focus on how you can use these passwordless functionalities within an on-premise world.

After this session you'll have a clear understanding what passwordless options exists, choose the right one(s) and how to implement them.

Hacking Azure AD – the demo edition

Speaker: Erik Loef
Date: Thursday September 2, 2021 7 PM
Location: Room 2
Duration: 45 minutes

Azure AD accounts are now the perimeter to the enterprise. A few years ago, the goal was to become Domain Administrator in the on-premises domain, now it's time to become Global Admin in the Azure / Microsoft 365 tenant.

There are common misconfigurations and challenges to retrieve information from Azure AD . In this demo-heavy session an overview of hacking techniques is demonstrated. The goal is to make visible what's possible so you can defend against it.

Join me!

The 2021 Workplace Ninja Summit kicks off in three weeks.

Register now for this free event and join me as one of their attendees. Register here.

leave your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.