I do solemnly swear that I am up to no good!
Similarly, users accessing an IT system will have to accept certain conditions before they can proceed as part of good identity governance.
When we use services at work, we do so with the understanding that we will behave accordingly. With Windows workstations linked to an AD domain, an interactive message can be displayed on the screen before a user logs in.
Now, everybody knows that the user will, of course, read and understand this every day and pay close attention to the instruction.
Or perhaps not.
This sort of message is useful but doesn’t actually ensure that the user has read the message, nor does it identify the user and when they agreed to the terms.
The user will be asked to agree to the terms when they sign in and then again after a set number of days.
A list of those users who have accepted or declined the terms is available from within the Azure portal.
Once a user has accessed the services, they may be eligible to apply for additional privileges or access to applications or roles.
These are served through entitlements and are part of the same identity governance.
Once an entitlement is configured by adding roles, applications or groups, then a user can request access by going to a specific web site.
The user will be asked to provide a justification for the request before it goes through any approval.
Once a request has been made, its progress can be monitored through the same web pages.
Once processed, the user is automatically added to the relevant applications, groups or roles that are included in the access package.
These entitlements can then allow a user to request additional access and for it to be granted in a straightforward manner with (or without) approval. These entitlements can then be automatically removed after a set period of time.
These governing foundations are important and, when appropriately configured with the right license, can be used to audit and report on user access.
While governance is a huge subject and the Microsoft pillars only cover a portion of what’s possible, they make for a great starting point to help you get control of your identities and their access, thereby improving your overall security posture.
Next, see how you score on identity and access management, or watch our webinar on-demand to discover advanced governance controls.
Submit your business email to join our mailing list and we'll send you 'A buyer’s guide to Microsoft Enterprise Security'.
As ThirdSpace’s Solution Architect and Technology Evangelist (yes, he knows it’s a long title), Dave has a background in IT that goes back to installing a piece of kit called a Microsoft Softcard in...
READ AUTHOR'S FULL BIO
Send us your questions or feedback.
Friendly folks are standing by!
Eight-time winner of the Microsoft Partner of the Year Award for Identity Management, Enterprise Mobility, and Security and Compliance.
You are seeing this because you are using a browser that is not supported. The ThirdSpace website is built using modern technology and standards. We recommend upgrading your browser with one of the following to properly view our website:Windows
Please note that this is not an exhaustive list of browsers. We also do not intend to recommend a particular manufacturer's browser over another's; only to suggest upgrading to a browser version that is compliant with current standards to give you the best and most secure browsing experience.