Microsoft Azure Active Directory Onpremises Private cloud Every

Microsoft Azure Active Directory On-premises / Private cloud

Every Office 365 and Microsoft Azure customer uses Azure Active Directory 12 M organizations 950 M 122 B users authentications in August 2017 56 K paid Azure AD / EMS customers 90 % of Fortune 500 companies use Azure AD

I[dev need want use to mycase] provide quickly customers, deploy my employees partners, applications and secure users to to want to protect to my regulation I need comply access with industry and easy access devices, the do access apps morethey towith every need lessapplication and fromautomate everywhere resources from advanced threats and national data protection laws fromcollaborate and Join/Move/Leave any location seamlessly processes and any device Azure AD Connect B 2 B collaboration Provisioning. Deprovisioning Conditional Access SSO to Saa. S Self-Service capabilities Connect Health Multi-Factor Authentication Addition of custom cloud apps Access Panel/My. Apps Dynamic Groups Identity Protection Remote Access to on-premises apps Azure AD B 2 C Group-Based Licensing Privileged Identity Management Microsoft Authenticator Password-less Access Azure AD Join MDM-auto enrollment / Enterprise State Roaming Security Reporting Azure AD DS Office 365 App Launcher HR App Integration Access Reviews

Conditions Controls 10 TB Users Devices Machine learning Allow access Session Risk 3 Require MFA On-premises apps Real time Evaluation Engine Location Apps ****** Force password reset Deny access Policies Effective policy Web apps Limit access

140+ 75%+ median # days attackers reside within a victim’s network before detection network intrusions due to compromised user credentials $6 T annual cost of cybercrime to the global economy $4 M average cost of a data breach to a company The frequency and sophistication of cybersecurity attacks are escalating

Xbox Live Microsoft Accounts Azure Active Directory Azure Skype Enterprise Mobility + Security Office 365 Bing One. Drive Microsoft Digital Crimes Unit Microsoft Cyber Defense Operations Center

Intelligent protection with Azure Active Directory For MSA 6. 7 M users marked as compromised monthly 230 M blocked login attempts or 11 M credentials daily 1 M users protected by real-time detection and challenges each day For Azure AD 300 K users marked as Med/High risk monthly over 48 K tenants 3. 2 M users marked as at risk monthly over 97 K tenants 45 K users confirmed to be compromised each month

passwords passwords IF YOU HAVE PASSWORDS, YOU MUST USE MFA

1. 123456 2. 123456789 3. qwerty 4. 111111 5. 12345678 6. 123123 7. password 8. 1234567 9. 12345 10. 1234567890 11. abc 123 12. 123 13. 123321 14. password 1 15. qwertyuiop 16. 666666 17. a 123456 18. 1234 19. 654321 20. 5201314 21. 123456 a 22. iloveyou 23. 1111 24. 159753 25. 123123123

1. Password complexity requirements don’t help

2. Password expiry does more harm than good

3. Longer passwords are not necessarily better

Updated NIST Guidelines

http: //aka. ms/passwordguidance

markxxx@microsoft. com

Microsoft Confidential

Microsoft Confidential

Microsoft Confidential

Azure Active Directory Schroedinger's User Credentials ? Classifier Learner Seems Good Analysis Seems Bad Deploy 10+ TB Logs Update Analyze Label Data We were right! We were wrong! Relying parties Self-reporting Threat data Behavior

Discover, restrict, and monitor privileged identities User Administrator privileges expire after a specified interval Enforce on-demand, just-in-time administrative access when needed Ensure policies are met with alerts, audit reports and access reviews Manage admins access in Azure AD and also in Azure RBAC User

https: //myignite. microsoft. com/evaluations https: //aka. ms/ignite. mobileapp