If you run a hybrid identity estate, you already know the uncomfortable truth: the same user can “look trusted” in one place and “untrusted” in another. On-premises Active Directory gives you strong control over devices and network boundaries. Microsoft Entra ID (formerly Azure AD) gives you strong control over cloud sessions, sign-in risk, and app access. The hard part is building a…
Using custom roles and PIM in Entra ID
March 1, 2026
Least privilege that actually survives real life
Imagine you’re the person who gets paged when “someone needs admin access right now.” The request is always urgent. The blast radius is always unclear. And the only role that “just works” is usually Global Administrator.
That is the default failure mode of identity governance: not because people love risk, but because granularity is hard…
Joy Chik, corporate vice president for Microsoft Identity, recently laid out a general overview of Azure AD security best practices. This announcement comes in light of recently announced improvements to Azure Active Directory, including conditional access policy management enhancements and synchronization service additions.
Microsoft has suggested that companies using Azure AD…
Microsoft announced improvements in Azure Active Directory Conditional Access Policy and Sync
March 3, 2021
Microsoft has recently announced improvements to Azure Active Directory conditional access policy and sync services. The company also outlined security best practices for organizations across the world using on-premises Active Directory and Azure AD for identity and access management.
Microsoft is urging organizations to adopt zero trust for network traffic with Active Directory along with…