Identity, Microsoft 365, Cloud Security, Microsoft Entra ID, Security, Identity Governance, Security & Compliance, Azure & Entra ID Tiago Carvalho Identity, Microsoft 365, Cloud Security, Microsoft Entra ID, Security, Identity Governance, Security & Compliance, Azure & Entra ID Tiago Carvalho

Conditional Access foundations: break-glass accounts, exclusion groups, and the logging you want before any policy

Before deploying a single Conditional Access policy, three things have to be in place: two break-glass accounts with FIDO2 keys, a clean exclusion group pattern, and sign-in logs wired to alerts. Part 2 of the series — the foundations that stop a misconfigured policy from becoming a business-hours incident.

Read More