What's New in Azure Active Directory for February 2022

Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for February 2022:

What’s Planned

France digital accessibility requirement General Availability

Service category: Other
Product capability: End User Experiences

This change provides users who are signing into Azure Active Directory on iOS, Android, and Web UI flavors with information about the accessibility of Microsoft's online services via a link on the sign-in page. This ensures that the France digital accessibility compliance requirements are met. The change will only be available for French language experiences.

What’s New

Downloadable access review history report General Availability

Service category: Access Reviews
Product capability: Identity Governance

With Azure AD Access Reviews, organizations can create a downloadable review history to help gain more insight. When a report is created, it pulls the decisions that were taken by reviewers. These reports can be constructed to include specific access reviews, for a specific time frame, and can be filtered to include different review types and review results.

Identity Protection for Workload Identities Public Preview

Service category: Identity Protection
Product capability: Identity Security & Protection

Azure AD Identity Protection is extending its core capabilities of detecting, investigating, and remediating identity-based risk to workload identities. This allows organizations to better protect their applications, service principals, and managed identities. Microsoft is also extending Conditional Access so admins can block at-risk workload identities.

Cross-tenant access settings for B2B collaboration Public Preview

Service category: B2B
Product capability: Collaboration

Cross-tenant access settings enable admins to control how users in their organization collaborate with members of external Azure AD organizations. With this feature, admins have granular inbound and outbound access control settings that work on a per-organization, per-user, per-group, and per-application basis.

These settings also make it possible for admins to trust security claims from external Azure AD organizations like multifactor authentication (MFA), device compliance, and hybrid Azure AD joined devices.

The cross-tenant access settings for B2B collaboration public preview applies to China, Public (Microsoft 365, GCC) and US Gov (GCC-H, DoD) tenants.

Create Azure AD access reviews with multiple stages of reviewers Public Preview

Service category: Access Reviews
Product capability: Identity Governance

Organizations can now use multi-stage reviews to create Azure AD access reviews in sequential stages, each with its own set of reviewers and configurations. This feature supports multiple stages of reviewers to satisfy scenarios such as independent groups of reviewers reaching quorum, escalations to other reviewers, and reducing burden by allowing later-stage reviewers to see a filtered-down list. For public preview, multi-stage reviews are only supported on reviews of groups and applications.

New Federated Apps available in Azure AD Application gallery

Service category: Enterprise Apps
Product capability: 3rd Party Integration

In February 2022, Microsoft added the following new applications in the Azure AD App gallery with Federation support:

Two new Microsoft Defender for Cloud Apps detections in Identity Protection General Availability

Service category: Identity Protection
Product capability: Identity Security & Protection

Identity Protection has added two new detections from Microsoft Defender for Cloud Apps (formerly known as MCAS):

  1. The Mass Access to Sensitive Files detection
  2. The Unusual Addition of Credentials to an OAuth app detection

New provisioning connectors in the Azure AD Application Gallery

Service category: App Provisioning
Product capability: 3rd Party Integration

Admins can now automate creating, updating, and deleting user accounts for these newly integrated apps:

What’s Changed

Privileged Identity Management (PIM) role activation for SharePoint Online enhancements General Availability

Service category: Privileged Identity Management
Product capability: Privileged Identity Management

Microsoft has improved the time to role activation in Azure AD Privileged Identity Management (PIM) for SharePoint Online. Now, when activating a role in PIM for SharePoint Online, admins should be able to use their permissions right away in SharePoint Online.

This change will roll out in stages, so admins might not yet see these improvements in their organization.
