– part 2.
Now, where was I? Yes. Data can be accessed from almost anything now so how do you manage, monitor and protect it all in this mobile age?
Read part 1 here
This is where Microsoft Azure and Office 365 start to come into their own and, in my opinion, now form the most complete solution to this challenge. Services include:
- Azure AD
- Azure Information Protection
- Conditional Access
- Microsoft Intune
- Office 365 Advanced Threat Protection
- Office 365 Data Loss Prevention
If you have access to these services, you really should be using them to their full potential. That’s where a Managed Services Partner “MSP” like Trilogy Technologies can bring real value.
By combining the six services mentioned above, a business can transform the way data is accessed, managed and shared, and can also manage the business devices that access and work with that data. You can even manage and track how data shared with external third parties is accessed and used, depending on your Azure licence. I won’t go into too much detail here; you can use the links above to find out more about each service I’ve mentioned.
Now I know what you’re thinking. Great you’ve given me links to read more about the services. Can you show me how I can combine the services and monitor my data and devices proactively?
Yes, I can.
Cross browser web app
For the purposes of this article, I’ve built a demo cross-browser web application using the Microsoft Graph API and Microsoft Power BI. The application runs on a NodeJS web server hosted locally on my device. It supports authenticating to Azure AD and also supports two-factor authentication (2FA). (Trilogy recommends DUO 2FA.)
I’ve combined the Azure and Office 365 services mentioned above and created live automatically updating reports with Power BI. These display all aspects of my Azure/Office 365 tenancy usage from user logins to Intune device compliance and Microsoft Teams utilisation. I built the report using Power BI apps due to ease of access and it’s only a demo after all!
Once I built my reports, I added them to the application and fired it up:
The sign-in process
Once logged in, the live reports are displayed
As you can see, this simple web application returns a huge range of information providing monitoring and oversight across multiple Azure and Office 365 services. This can be easily extended with Microsoft Graph API to provide data access reports, live Azure and Office 365 security alerts, Office 365 storage location reviews for SharePoint Online, OneDrive for Business and Microsoft Teams.
I then went one step further and created Flows that email me, for example whenever an impossible login attempt is detected. To test this, I logged into my Azure account from my home office on my device.
Then I opened a separate device and created a VPN connection to a server in Japan, effectively giving the device a Japanese IP address. This is where the Sign-in Risk, User Risk and Conditional Access policies I had created kicked in.
I tried logging into my account from that device and was blocked. Azure logged this as an impossible login, and less than 5 minutes later I received an email from Flow alerting me that an impossible login attempt had been logged and blocked by the Conditional Access policy.
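To make the detection behind that alert concrete, here is an added example (my own illustration, not code from the article’s demo application and not Microsoft’s algorithm) of the reasoning an “impossible travel” check performs: for each user, consecutive sign-ins are compared, and if the distance between their geolocations could not have been covered in the time between them at a plausible speed, an alert is raised in the same spirit as the Flow email described above. The sign-in records, coordinates, the 900 km/h speed ceiling and the 50 km noise floor are all constructed assumptions; Azure AD Identity Protection’s real risk detection uses more signals than this.

```javascript
'use strict';

// Added example: a simplified impossible-travel check over Azure AD-style sign-in
// records. The heuristic (great-circle distance / elapsed time > plausible speed)
// is an assumption for illustration, not Microsoft's detection logic.

// Constructed sample sign-in records (not real log data). The shape loosely mirrors
// Azure AD sign-in log entries; the coordinates are illustrative.
const sampleSignIns = [
  { userPrincipalName: 'alice@contoso.example', createdDateTime: '2019-06-01T09:00:00Z',
    location: { city: 'Dublin', countryOrRegion: 'IE', geoCoordinates: { latitude: 53.35, longitude: -6.26 } } },
  { userPrincipalName: 'alice@contoso.example', createdDateTime: '2019-06-01T09:04:00Z',
    location: { city: 'Tokyo', countryOrRegion: 'JP', geoCoordinates: { latitude: 35.68, longitude: 139.69 } } },
  { userPrincipalName: 'bob@contoso.example', createdDateTime: '2019-06-01T08:00:00Z',
    location: { city: 'Dublin', countryOrRegion: 'IE', geoCoordinates: { latitude: 53.35, longitude: -6.26 } } },
  { userPrincipalName: 'bob@contoso.example', createdDateTime: '2019-06-01T17:30:00Z',
    location: { city: 'London', countryOrRegion: 'GB', geoCoordinates: { latitude: 51.51, longitude: -0.13 } } },
];

const EARTH_RADIUS_KM = 6371;
const MAX_PLAUSIBLE_SPEED_KMH = 900; // assumption: roughly airliner cruising speed
const MIN_DISTANCE_KM = 50;          // assumption: ignore IP-geolocation jitter within a city

// Great-circle distance between two {latitude, longitude} points (haversine formula).
function haversineKm(a, b) {
  const toRad = (deg) => (deg * Math.PI) / 180;
  const dLat = toRad(b.latitude - a.latitude);
  const dLon = toRad(b.longitude - a.longitude);
  const h = Math.sin(dLat / 2) ** 2
    + Math.cos(toRad(a.latitude)) * Math.cos(toRad(b.latitude)) * Math.sin(dLon / 2) ** 2;
  return 2 * EARTH_RADIUS_KM * Math.asin(Math.sqrt(h));
}

// Returns one alert per pair of consecutive sign-ins (per user) whose implied
// travel speed exceeds maxSpeedKmh. Sign-ins are sorted by time first, so the
// input order does not matter.
function findImpossibleTravel(signIns, maxSpeedKmh = MAX_PLAUSIBLE_SPEED_KMH) {
  const byUser = new Map();
  for (const s of signIns) {
    if (!byUser.has(s.userPrincipalName)) byUser.set(s.userPrincipalName, []);
    byUser.get(s.userPrincipalName).push(s);
  }

  const alerts = [];
  for (const [user, events] of byUser) {
    events.sort((x, y) => Date.parse(x.createdDateTime) - Date.parse(y.createdDateTime));
    for (let i = 1; i < events.length; i++) {
      const prev = events[i - 1];
      const cur = events[i];
      const hours = (Date.parse(cur.createdDateTime) - Date.parse(prev.createdDateTime)) / 3600000;
      const km = haversineKm(prev.location.geoCoordinates, cur.location.geoCoordinates);
      if (km < MIN_DISTANCE_KM) continue;
      // Two distant sign-ins with the same timestamp imply infinite speed: still impossible.
      const speedKmh = hours > 0 ? km / hours : Infinity;
      if (speedKmh > maxSpeedKmh) {
        alerts.push({
          user,
          from: prev.location.city,
          to: cur.location.city,
          distanceKm: Math.round(km),
          minutesApart: Math.round(hours * 60),
          impliedSpeedKmh: Math.round(speedKmh),
        });
      }
    }
  }
  return alerts;
}

// Renders an alert as the kind of plain-text message a Flow could email out.
function formatAlertEmail(alert) {
  return `Impossible travel for ${alert.user}: sign-in from ${alert.from} followed by `
    + `${alert.to} ${alert.minutesApart} minutes later (${alert.distanceKm} km, `
    + `implied speed ${alert.impliedSpeedKmh} km/h). Review the Conditional Access block.`;
}

// Stand-alone run: prints one alert for alice (Dublin -> Tokyo in 4 minutes) and none for bob.
for (const alert of findImpossibleTravel(sampleSignIns)) {
  console.log(formatAlertEmail(alert));
}
```

Note the two thresholds: the speed ceiling keeps a genuine Dublin-to-London commute from alerting, and the distance floor keeps an IP address that geolocates a few kilometres differently between two requests from being treated as travel. In production you would feed this from Graph API sign-in data and, as the article does, act on the resulting risk through Conditional Access rather than through the email alone.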
This setup can be implemented easily for businesses with either a hybrid domain configuration or a cloud-based configuration.
I recommend you take the time to read more about Windows Virtual Desktop on Azure. This is going to be a game changer when it’s officially released and is something I’m excited about.
Please do contact me if anything in this article has sparked your curiosity!