Microsoft recently apologized for an Azure Active Directory issue that disrupted access to Office 365 applications and the Azure Admin Portal for two hours or more for some users. Microsoft conducted a root cause analysis in an attempt to offer an explanation on what caused the outage.
In the root cause analysis notice, Microsoft said that a cross-cloud migration operation that was intended to improve the Azure AD service, ended up disrupting services for some organizations. The outage occurred on March 15 for users of the Azure Admin Portal, Teams, Exchange, Azure KeyVault, SharePoint, Storage and other major applications.
The notice also mentioned that Microsoft is currently working on a two-stage process, called the safe deployment process, to improve the Azure AD service. As part of the plan, Microsoft has already completed the first stage of this Safe Deployment Process for the Azure AD service. The second stage is said to be completed by the mid of 2021.
It is to be noted that this incident isn’t the first of its kind for Azure AD. Microsoft added that a similar incident previously occurred on September 2020 were users of Microsoft 365 services experienced various outages tied to the Azure AD service. However, Microsoft promised that the Safe Deployment Process will eliminate such issues from happening again.
Microsoft recently released a couple of new additional features to its Azure AD system. The new features, namely My Apps Collections and Risk Detections will let end users create their own set of apps in the Azure AD “My Apps” portal. The latter feature will help administrators spot sign-in anomalies. However, Microsoft also announced that some Azure AD features will also be discontinued.
A look into the My Apps Collections Feature:
This feature will allow end users to create their own collections of apps in the Azure AD My Apps portal and will also enable them to arrange their apps under “tabs”. IT teams are initially required to grant access to these applications to the end users for them to utilize the new feature. The new feature allows end users arrange them under tab categories, they are just reorganizing what they already have the rights to use. It is to be noted that the new feature will require an organization to have an “Azure AD Premium P1 or P2 license” to use it.
Risk Detections in Azure AD – A closer look
The new feature lets organizations spot signals of sign-in risk if they use the Azure AD Identity Protection service. These protections are borrowed from the pre-existing Microsoft Cloud App Security service and they are as follows:
- Sign in from a new country
- Activity from Anonymous IP Address
- Suspicious Inbox Forwarding Rules
“IT admins can now use such signals to investigate any anomalies further if necessary”, Microsoft said in their announcement.
Microsoft announced that two of its security services, Azure Front Door and Azure Firewall have been updated with improvements. Azure Front Door now comes with two new products in the preview stage, Standard and premium, while Azure Firewall has a Premium option in the preview stage as well.
The company conducted a web presentation titled “Modernize Your Network Security Strategy” on Feb 18th, and it announced the product updates during the presentation.
Microsoft said in the presentation that while the internet has scalable support for applications, it does not have as many cybersecurity protections for the applications. This prompted the company to offer two new products namely Standard and Premium to its Front Door service.
Meanwhile, the company also said that the Firewall Premium product is for “highly sensitive and regulated environments.” The service supports TLS traffic inspection, offers intrusion detection and prevention solution, and has the provision to set filters for outbound traffic among many other functionalities.