For identity governance there are three main areas that you want to focus on and each one of these areas plays a critical role in securing access and managing risk. <\/p>\n\n\n\n
The first thing we have is conditional access<\/strong>. You’ll want to understand how to configure policies that enforce multifactor authentication<\/strong>, block access from specific geographic regions, and allow access only for managed devices or approved clients.<\/p>\n\n\n\n These are examples of things that you’ll definitely want to know. Keep in mind that these controls help you ensure that only trusted users and devices can access these resources.<\/p>\n\n\n\n A few key considerations when using Conditional Access:<\/p>\n\n\n\n Design for conditional access<\/strong><\/a><\/p>\n\n\n\n Next take a closer look at identity protection. Keep in mind that this is where risk based policies <\/strong>come in to play. Know how to set thresholds like requiring actions when a user’s risk level is high or when a sign in risk is medium or above. And understand those various levels.<\/p>\n\n\n\n Also be familiar with how to investigate and respond to these risks<\/strong> using the Azure portal. Now this is going to be one of those key things to identify threats and risks within your organization.<\/p>\n\n\n\n A few key considerations when using Identity Protection:<\/p>\n\n\n\n Design for identity protection<\/strong><\/a><\/p>\n\n\n\n And finally study how to design an effective access review plan<\/strong>. You’ll need to identify which resources should be reviewed, determine what automatic actions should be taken for users who no longer need access<\/strong>, and choose the right reviewers whether it’s the resource owner or someone else.<\/p>\n\n\n\n A few key considerations when designing Access Review Plan<\/p>\n\n\n\n\n
\n
\n