When managing cloud resources, security is a top concern. Identity and access are key. But focusing solely on who can access a resource is no longer sufficient. Organizations must also consider how each resource is accessed. Conditional Access, an Azure Active Directory capability addresses this need through automated, condition-based access control.As a Microsoft Gold Partner, our proven method has successfully implemented Intune and Conditional Access at all stages of O365 implementation. Our breadth of knowledge, experience, and industry partnerships have refined our approach to O365 and its surrounding security posture. Anexinet’s Architects guide clients through the entire security lifecycle to avoid the usual pitfalls and achieve a successful outcome.
Our proven four-step approach yields a successful Conditional Access configuration, typically over a two-week period:
To maximize productivity, kickoff meetings with the Business and Technical Groups explain the process, establish roles and expectations, and norm the teams for success. To ensure the client has a thorough understanding of the process, we review the organization’s options for securing Office 365 access and protecting data on apps, PCs, and mobile devices, including unmanaged devices. Lastly, we describe the implications and workings of device-based Conditional Access.
We start by developing a thorough understanding of the client’s business landscape to provide a solid foundation—including infrastructure, personnel, policies, processes, and security. Next, we analyze the client’s Intune-supported configurations to determine the most appropriate use cases. Lastly, we review existing licensing requirements, gather any additional artifacts, and identify potential gaps for remediation.
Here, we define a plan for future-state that encompasses utilization, management tasks, and security requirements.
Our Intune / Conditional Access Proof of Concept (POC) provides hand-on experience while validating the client’s readiness for data security and management, and ensuring proper systems functionality. In this step, we enroll applicable devices into Intune and deploy the applications.We further refine the prototype through a set of activities that include creating an Intune subscription, configuring Intune, adding apps, enabling device enrollment, creating a Configuration Policy, and configuring app policies, POC devices, and Conditional Access.Lastly, we generate a trial tenant populated with sample content and test users and provide working sessions to review the tenant and associated features, as determined from the earlier planning phases.
Upon completion of this Kickstart you’ll take away the following artifacts: