identity and access management

Guest:

• Kat Traxler, Security Researcher, TrustOnCloud

Topics:

• What is your reaction to “in the cloud you are one IAM mistake away from a breach”? Do you like it or do you hate it?

• A lot of people say “in the cloud, you must do IAM ‘right’”. What do you think that means? What is the first or the main idea that comes to your mind when you hear it?

• How have you seen the CSPs take different approaches to IAM? What does it mean for the cloud users?

• Why do people still screw up IAM in the cloud so badly after years of trying?

• Deeper, why do people still screw up resource hierarchy and resource management? 

• Are the identity sins of cloud IAM users truly the sins of the creators? How did the "big 3" get it wrong and how does that continue to manifest today?

• Your best cloud IAM advice is “assign roles at the lowest resource-level possible”, please explain this one? Where is the magic?

Resources:

• Video (Linkedin, YouTube)

• Kat blog

• “Diving Deeply into IAM Policy Evaluation” blog

• “Complexity: a Guided Tour” book

• EP141 Cloud Security Coast to Coast: From 2015 to 2023, What's Changed and What's the Same?

• EP129 How CISO Cloud Dreams and Realities Collide

Protect against identity-based attacks with Identity Threat Detection and Response capabilities. Ensure your organization is equipped to protect identities wherever they are—on-premises, in the cloud or hybrid. As an integral component of the XDR experience, identity alerts are contextualized within broader security incidents, enhancing your ability to manage threats effectively. The integrated Copilot experience and advanced hunting capabilities allow for in-depth investigation of alerts and activity logs. Security analysts and identity admins can collaborate seamlessly with bidirectional integration between Defender XDR and Microsoft Entra. 

Daniel Lynch, Microsoft Defender for Identity’s Senior Product Manager, shares how Identity Threat Detection and Response can be utilized in daily operations and coordinated actions throughout every phase of an identity-related security incident, strengthening your organization's defense posture.

► QUICK LINKS: 

00:00 - Stop identity-based attacks
01:13 - How to use Identity Threat Detection and Response
02:37 - See an active multi-stage incident
03:57 - Use Copilot for Security
05:08 - Advanced Hunting in Microsoft Defender XDR
05:38 - Block a compromised user account in Active Directory
06:44 - Improve security posture in Microsoft Defender XDR with Secure Score
08:04 - Wrap Up

► Link References:

For more information, check out https://aka.ms/ITDR

► Unfamiliar with Microsoft Mechanics? 

As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.

• Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries

• Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog

• Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast

► Keep getting this insider knowledge, join us on social:

• Follow us on Twitter: https://twitter.com/MSFTMechanics 

• Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/

• Enjoy us on Instagram: https://www.instagram.com/msftmechanics/

• Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Keep your users, devices and data protected with Microsoft Entra Security Service Edge Internet Access. Combine identity and access management along with network access controls to help protect iInternet-based resources. Protections are context aware, made possible by deep integration with Conditional Access policies, with risk assessed in real time across identity, device, location, and applications, to protect ANY app or resource. See how Microsoft Entra Internet Access helps prevent sophisticated token theft attacks and insider data exfiltration to untrusted sites, including logging into unallowed sites that might increase your risk.

Camila Martins, Senior Product Manager for Microsoft Entra, shows policies you can set as an admin and the user experience with protections in place - right from the Global Secure Access controls in the Microsoft Entra admin center.

► QUICK LINKS:

00:00 - Keep users, devices, and data protected
01:20 - Token theft demo
02:09 - How it works as a user
03:00 - How the policy prevents data exfiltration
03:48 - Protect against malicious insider attacks
05:00 - See a policy in action
06:01 - Block sites that inhibit productivity
06:53 - Add Conditional Access policies
08:24 - Wrap up

► Link References

Get started at https://entra.microsoft.com

For more information, check out https://aka.ms/SSEInternetAccessdocs 

Check out our playlist at https://aka.ms/SSEMechanics

► Unfamiliar with Microsoft Mechanics? 

As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. 

• Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries

• Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog

• Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast

► Keep getting this insider knowledge, join us on social:

• Follow us on Twitter: https://twitter.com/MSFTMechanics

• Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/

• Enjoy us on Instagram: https://www.instagram.com/msftmechanics/

• Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Enable secure access to all your private on-prem and cloud resources, beyond what you can do with traditional VPNs, with Microsoft Entra Private Access, part of Microsoft’s Security Service Edge solution. Private Access takes an identity-centric Zero Trust Network Access approach, and leverages the Conditional Access policy engine to assess risk in real time using identity, device, and application signals, and apply additional network conditions to protect any apps or resources, such as file shares or virtual machines.

Ashish Jain, Principal Group PM for Microsoft Entra, shares how Microsoft Entra adds Security Service Edge controls for private connections that you'll find under Global Secure Access in the Microsoft Entra admin center.

► QUICK LINKS:

00:00 - Secure access to all private apps and resources
01:31 - Global Secure Access
02:27 - Set up private app access without using a VPN
03:34 - MFA with Conditional Access policies
05:24 - Connect to infrastructure resources on prem
07:03 - Connect from a mobile device
09:09 - Wrap up

► Link References
Get started at https://entra.microsoft.com

For more information, check out https://aka.ms/SSEPrivateAccessDocs

Check out our playlist at https://aka.ms/SSEMechanics 

► Unfamiliar with Microsoft Mechanics? 

As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.

• Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries

• Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog

• Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast

► Keep getting this insider knowledge, join us on social:

• Follow us on Twitter: https://twitter.com/MSFTMechanics

• Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/

• Enjoy us on Instagram: https://www.instagram.com/msftmechanics/

• Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

What does it take to go from an entry-level IT Position to a Cybersecurity Identity and Access Manager? In today's fast-paced digital world, cybersecurity is more important than ever before. Every day, countless organizations fall prey to malicious attacks, resulting in devastating consequences. But what if you could learn the secrets to protecting yourself and your business from these threats? Our Guest today is going to take you on a journey through the world of Identity and Access Management, from the very basics all the way up to advanced techniques.

Kevtech IT Support: https://www.youtube.com/@KevtechITSupport
Kevin Apolinario LinkedIn:  Https://www.linkedin.com/in/itprofessionalkevinapolinario/

🥇Get 1 on 1 Career Coaching from the Bearded I.T. Dad: https://thebeardeditdad.com/career-coaching/ 🥇

💗WAYS TO SAY THANKS & SUPPORT THE CHANNEL💗
📣Rate and leave a review, Share the Podcast, and Subscribe to the channel: This costs nothing but helps a lot!
🌕Channel Membership: Get exclusive live streams, extra content, a loyalty badge, and more! This also helps keep the caffeine flowing. https://www.youtube.com/c/TheBeardedITDad/join
☕Buy Me a Coffee @ https://www.buymeacoffee.com/thebeardeditdad
💲Get access to exclusive content @ Patreon https://www.patreon.com/thebeardeditdad
👕The Bearded I.T. Dad Merchandise: https://thebeardeditdad.com/shop/

---------------

If you would like to be on the show or would like to suggest a speaker please fill out our forum: https://forms.gle/9JkrYPCPnKG7kHJk7

---------------
Youtube: https://www.youtube.com/@TheBeardedITDad
Discord: https://itdad.info/Discord
Facebook: https://www.facebook.com/TheBeardedITDad
Twitter: https://twitter.com/TheBeardedITDad
Website: https://thebeardeditdad.com

Detect and prevent data security incidents with Microsoft Purview. Combine data classification with proactive and adaptive data loss prevention policies aligned to the assessed insider risk level for a multi-layered approach.

Trusted insiders working for your organization contribute to 25% of data breaches. Many of these breaches remain undetected or are discovered long after the damage is done. We deconstruct what occurred at a prominent company with an account inspired by a true story of corporate espionage and how Microsoft Purview is designed to detect and prevent this type of data security incident.

► QUICK LINKS:
00:00 - Detect and prevent data security incidents
00:29 - Watch a real crime case
02:06 - Data security strategies
02:55 - Secure data with policies
04:10 - Insider Risk Management
04:40 - Wrap up

► Link References:
Check out our comprehensive series at https://aka.ms/DataSecurityMechanics

► Unfamiliar with Microsoft Mechanics?
As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.

• Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries

• Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog

• Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast

► Keep getting this insider knowledge, join us on social:

• Follow us on Twitter: https://twitter.com/MSFTMechanics

• Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/

• Enjoy us on Instagram: https://www.instagram.com/msftmechanics/

• Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Identify, classify, and protect information at scale using Microsoft Purview's AI-powered classifiers. Gain visibility into the data inside of your organization and apply the right protections, especially important if you intend to use generative AI to create content based on the information accessible on your network.

Microsoft Purview's AI-powered classifiers are extensively pre-trained and tested on vast categories of business data and Microsoft domain-specific knowledge, as well as synthetic data and sample files generated from large language models to detect sensitive content. Because these classifiers run on Microsoft's AI supercomputer, with its specialized hardware and software stack, your sensitive information can be classified and protected at unparalleled speed and scale.

Tony Themelis, Microsoft Purview’s Principal Product Manager, shares how to keep data inside your organization protected and continuously compliant as you work.

► QUICK LINKS:

00:00 - How to keep data in your organization protected

01:12 - Policy tips & sensitivity labels

03:50 - How to build an automated policy

06:14 - 360 degree view of discovered sensitive information

07:15 - Create a custom classifier

08:58 - Fingerprint-based sensitive information type

09:36 - Wrap up

► Link References:

Check out our full series at https://aka.ms/DataSecurityMechanics

► Unfamiliar with Microsoft Mechanics? 
As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.

• Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries

• Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog

• Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast

► Keep getting this insider knowledge, join us on social:

• Follow us on Twitter: https://twitter.com/MSFTMechanics

• Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/

• Enjoy us on Instagram: https://www.instagram.com/msftmechanics/

• Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Migrate from Active Directory Federation Services to Microsoft Entra ID, formerly Azure Active Directory. Many key blockers have been removed with Microsoft Entra ID, including capabilities like certificate-based auth, group filtering, group transformation, and token augmentation. Additional capabilities include conditional access and phish-resistant passwordless authentication.

Jeremy Chapman, Director at Microsoft 365, shares the steps to migrate from AD FS to Microsoft Entra, as well as an inside look at the management and IT experience.

► QUICK LINKS:

00:00 - Introduction

01:27 - Why migrate from AD FS?

02:32 - Compare the management experience

03:58 - IT perspective

04:48 - How to migrate from AD FS to Microsoft Entra

05:31 - Walk through the setup

06:35 - Salesforce process

07:22 - Wrap up

► Link References:

Tutorials and resources for the most common apps at https://aka.ms/migrateapps

Hands-on guidance and detailed documentation for migration at https://aka.ms/adfs2entra

► Unfamiliar with Microsoft Mechanics?

As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.

• Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries

• Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog

• Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast

► Keep getting this insider knowledge, join us on social:

• Follow us on Twitter: https://twitter.com/MSFTMechanics

• Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/

• Enjoy us on Instagram: https://www.instagram.com/msftmechanics/

• Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics 

Automate manual steps to onboard and offboard users as they enter or leave your organization using Microsoft Entra. For onboarding, manage user identities, grant permissions to access necessary information, and provide users with what they need to be productive, such as computer hardware. As people leave the organization, deprovisioning is critical to maintain security and compliance. Lifecycle Workflows in Microsoft Entra ID Governance can help with pre-built templates for common tasks.

Microsoft Entra is a complete identity management platform with everything you knew about Azure Active Directory, along with new capabilities. Identity lifecycle management automation removes many of the manual steps of everyday identity management tasks. With Lifecycle Workflows, users experience more consistency for better job satisfaction and reduced risk. It works with HR systems, like Workday and SuccessFactors, as part of the onboarding and offboarding workflow.

Jeremy Chapman, Director of Microsoft 365, walks through Identity Lifecycle Management automation in Microsoft Entra.

► QUICK LINKS:

00:00 - Introduction

01:28 - Automate employee onboarding

04:19 - Automate employee offboarding

05:41 - Workflow history

06:58 - Built-in change tracking for version history

08:30 - Wrap up

► Link References:

For more on lifecycle workflows, check out https://aka.ms/ILMDocs

Try it out at https://entra.microsoft.com

► Unfamiliar with Microsoft Mechanics?

As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.

• Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries

• Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog

• Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast

► Keep getting this insider knowledge, join us on social:

• Follow us on Twitter: https://twitter.com/MSFTMechanics

• Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/

• Enjoy us on Instagram: https://www.instagram.com/msftmechanics/

• Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics 

Guest:

• Ian Glazer, founder at Weave Identity, ex-Gartner, ex-SVP of Products at Salesforce, co-founder of IDPro

Topics:

• OK, tell us why Identity and Access Management (IAM) is exciting (is it exciting?)

• Could you also explain why IAM is even more exciting in the cloud? 

• Are you really “one IAM mistake away from a breach” in the cloud? 

• What advice would you give to someone new to IAM?

• How to not just “learn IAM in the cloud” but to keep learning IAM?

• Is what I know about IAM in AWS the same as knowing IAM for GCP? What advice do you have for teams operating in a multi-cloud world?

• What are the top cloud IAM mistakes? How to avoid them?

Resources:

• Video (LinkedIn, YouTube)

• IDPro association and BoK

• SCIM v2 standard

• EP60 Impersonating Service Accounts in GCP and Beyond: Cloud Security Is About IAM?

• EP76 Powering Secure SaaS … But Not with CASB? Cloud Detection and Response?

• EP94 Meet Cloud Security Acronyms with Anna Belak

Automate multicloud regulatory assessments with Microsoft Purview to keep data sitting in multiple clouds from becoming a liability. Compliance Manager in Microsoft Purview provides a single view of your compliance status across your multicloud data estate, whether IaaS including virtual machines, PaaS with cloud storage accounts, or various SaaS apps in use by your organization. The solution deep links directly to where settings are configured, so you can pinpoint what needs to be fixed.

Daniel Hidalgo, Product Manager for Microsoft Purview, shares how to automate daily monitoring of your multicloud environment and remediate risks.

► QUICK LINKS:

00:00 - Introduction

00:39 - Microsoft Purview Compliance Manager portal

01:45 - Demo- deep dive into PCI DSS details

03:55 - Steps to set it up

05:46 - Enable Salesforce

06:38 - Deep link to configuration screen

08:14 - Wrap up

► Link References:

Try it out today, at https://purview.microsoft.com

Check out https://aka.ms/ComplianceManagerdocs

► Unfamiliar with Microsoft Mechanics?

As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.

• Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries

• Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog

• Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast

► Keep getting this insider knowledge, join us on social:

• Follow us on Twitter: https://twitter.com/MSFTMechanics

• Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/

• Enjoy us on Instagram: https://www.instagram.com/msftmechanics/

• Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics 

A single solution to centrally manage your entire identity infrastructure with Microsoft Entra. Whether hybrid across your on-premises systems and the Microsoft Cloud, or across services spanning multiple clouds, like AWS, Google Cloud Platform and your favorite SaaS apps.

Joey Cruz, from the identity team at Microsoft, highlights the comprehensive capabilities of Microsoft Entra, including unified identity management, that spans beyond your Microsoft estate and beyond Azure Active Directory. He demonstrates new and unique capabilities for the day-to-day management of your users and workloads. ►

► QUICK LINKS:

00:00 - Introduction

00:25 - Microsoft Entra admin center

01:07 - Secure access to Google services with passwordless authentication using Microsoft Entra

02:20 - Access all of your cloud and on-prem apps from myapps.microsoft.com

03:13 - Supported authentication methods

04:24 - Verified IDs to automate new user verification and access provisioning

05:40 - Workload Identity management for secure app to app communication

06:56 - Privileged Identity Management to protect admin accounts and more

07:41 - Permissions Management to monitor and protect Azure, AWS and GCP in one place

08:20 - Wrap up

► Link References:

Try Microsoft Entra at https://entra.microsoft.com

Check out our docs at https://aka.ms/EntraDocs

► Unfamiliar with Microsoft Mechanics?

As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.

• Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries

• Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog

• Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/website

• To get the newest tech for IT in your inbox, subscribe to our newsletter: https://www.getrevue.co/profile/msftmechanics

► Keep getting this insider knowledge, join us on social:

• Follow us on Twitter: https://twitter.com/MSFTMechanics

• Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/

• Enjoy us on Instagram: https://www.instagram.com/msftmechanics/

• Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

With remote work and a changing data landscape, risk of data theft has reached new heights - Insider Risk Management helps protect against those risks. Watch the step-by-step tutorial for implementing an Insider Risk Management solution for your organization as part of Microsoft Purview.

It's surprisingly simple to build a baseline for managing activity inside your organization - from getting everything running, to setting policy on the types of violations that should raise system alerts, to assigning permissions for those who should have oversight and a level of incident detail they can see. While more advanced settings like intelligent detections define un-allowed and allowed domains and risk score boosters detect unusual activities or previous policy violations.

Talhah Mir, from the Microsoft Purview team, joins Jeremy Chapman to show you how to set up Insider Risk Management with Microsoft Purview.

► QUICK LINKS:
00:00 Introduction
00:52 The best way to get started
01:13 Customize core experiences and insights
02:31 How to implement Purview for the first time
03:55 Set permissions
04:47 Customization
07:19 Create policies
07:55 Specify content priority
09:23 Define how a policy gets triggered
11:48 Two categories of detection
12:57 How to sign up for CS management in Microsoft Purview

► Link References:
Set up a trial of Microsoft Purview: https://aka.ms/purviewtrial
Receive guidance for connecting HR systems: http://aka.ms/HRConnector

► Unfamiliar with Microsoft Mechanics?
As Microsoft’s official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.
• Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries?sub_confirmation=1
• Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog
• Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/website
• To get the newest tech for IT in your inbox, subscribe to our newsletter: https://www.getrevue.co/profile/msftmechanics

► Keep getting this insider knowledge, join us on social:
• Follow us on Twitter: https://twitter.com/MSFTMechanics
• Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/
• Enjoy us on Instagram: https://www.instagram.com/microsoftmechanics/
• Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics 

3Eye joins Mack Bickle and Carter Dunbar from Identity Automation to discuss the importance of Identity and Access Management (IAM) and how Multi-Factor Authntication (MFA) fits into a complete security deployment.

Hosted by:
Reid Estreicher, Director of Solutions Engineering, 3Eye Technologies

Guests:
Mack Bickle, Partner Manager, Identity Automation
Carter Dunbar, Implementation Strategy Manager, Identity Automation