Microsoft has announced new phishing-resistant solutions designed to help organizations protect against credential-based attacks in Azure, Office 365 and remote desktop environments, and hardware security key maker Yubico says the measures make it easier to secure accounts and assets using the YubiKey.
Microsoft announced authentication strength, a new Conditional Access control that allows admins to specify which authentication methods can be used to access a resource. Admins can allow any multifactor authentication method to access most resources in the tenant, but require phishing-resistant authentication methods when users access sensitive resources, Microsoft says.
According to Yubico, this enables organizations to use the same YubiKey as a smart card with Azure AD enabling them to migrate away from on-premises authentication solutions as part of Zero Trust and cloud strategies.
With Certificate-based authentication now generally available in Azure AD, organizations have three phishing resistant options to choose from, including CBA, Windows Hello for Business and FIDO2 security keys. Organizations can use existing smart card and public key infrastructure deployments to authenticate to Azure AD without a federated server.
Security key manufacturer Yubico says in a press release that this enables enterprises to leverage YubiKeys for phishing-resistant MFA for FIDO-based passwordless or certificate-based authentication to enforce that YubiKeys are the only authentication solution allowed. The company says organizations can eliminate phishing as an attack vector for highly privileged users and safeguard critical assets.
Microsoft also recently announced support for FIDO-based passwordless authentication in Azure Virtual Desktop, the company’s solution that enables users to connect to a cloud workstation. Support for FIDO-based passwordless authentication allows users to authenticate with their hardware security key and Azure AD passwordless credentials when the user signs into AVD or when they sign into an application inside the virtual desktop.
These integrations with Yubico are just a few of many Azure AD integrations Microsoft announced last week.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!
Leave a Reply