How Conditional Access manages anytime, anywhere access

Chris McKinley

Reduce risk and boost security

One of the big wins of Cloud first IT is that users can access content from any location from almost any device. This effortless way of connecting to company data is a huge advantage over clunky VPNs, removable storage or having to physically go into the office in order to access content. But this sounds too risky for sensitive data.

Whilst empowering users to be productive in any location, we also have a responsibility to protect our organisational assets and keep data safe.

The first line of defence is a username and password. We always encourage a second factor of authentication, known as Multi Factor Authentication (MFA), but having to approve an MFA request whilst sat in a secure office, on a company managed device just to open emails does sound a little draconian.

What is Conditional Access?

Conditional access allows us to apply intelligent policies to access requests which helps maintain the balance between convenience and security. We can use conditional access to look at the signals of a login and then decide how we treat that event.

For example, if an employee is in an untrusted location (such as a coffee shop, home network or even a different country) we require them to be using a device that is registered to Active Directory (AD) and that MFA is applied. We can also restrict certain applications on personal phones, so company data can only be accessed via approved applications. We can also ensure that management tasks require MFA before being completed, even if based in a trusted location on a compliant device.

If any of your users access content whilst on the go, or if you want greater control over your security perimeter – now that it potentially extends globally – then conditional access is certainly worth looking at in order to boost security and reduce risk.

Conditional Access

How to get started with Conditional Access 

To get started, you’ll need an Azure AD Premium P1 license, or and M365 Business Premium licence (some features also require Azure AD P2 or additional product licenses) and then determine what you need the policies to do, what signals you want to assess and what decisions you need to make based on them.

Sound a bit complicated and time consuming? Then simply get in contact with us. As Microsoft licensing and conditional access experts, we can help you through the whole process and so you can swiftly introduce secure anytime, anywhere access and control the risk.