Good news, for anyone using (or considering) Microsoft Office 365!
In the latest update from the Microsoft team we have some exciting news to share in the quest to go ever more mobile in the workforce, but retain that security we crave for our business data and applications.
Microsoft Office 365 Business have rolled out the oft-requested Conditional Access feature for customers enrolled in these Microsoft SMB plans, through Azure Active Directory features.
It’s all part of making working with the Microsoft cloud easier and more secure for SMBs to manage.
What is Conditional Access?
Conditional Access is a new feature that allows stricter control over digital company apps and resources and access to them. It’s designed for businesses using Microsoft Office 365 that want to allow their employees to work remotely on mobile and/or personal devices, such as laptops, home computers, tablets, or their own phones for BYOD, etc.
Microsoft defines their new Conditional Access controls as “where, when, and who.”
Where – location is important
To prevent logins from unusual locations, e.g. unexpected access from the US while an employee is apparently working from home, the where of Conditional Access is important. This places restrictions or checks that a login is from a known or expected location, or requires 2FA or MFA (such as with an SMS code) from unknown locations.
When – which set of circumstances need to be met first
When using Microsoft Office 365, you can configure Conditional Access to make it only available if a device is in a given state, only give access to specific apps (or functionality within apps), ensure that cloud access is only available for devices enrolled in a company’s BYOD plan, or access resources only through given circumstances. We recommend Microsoft Intune app protection as a must.
One of the examples that Microsoft gives is sign ins to MS Exchange Online, where employees are only able to gain access to email and calendar resources specifically through the Microsoft Outlook app for either iOS or Android.
Who – granular user control
With Conditional Access, you’re able to set up remote access capabilities specifically by user, group, and role. This means not only access to apps or resources, but particular access controls within those apps and resources available. By setting this up in a more granular fashion, and revisiting user controls regularly, it gives you the power to know exactly which users can see and do what while they’re away from the office on the go.
How you can start rolling out Conditional Access
If you’d like to gain greater control of what your team are able to access remotely, then Conditional Access is for you.
What this means is that you’ll need a Microsoft 365 Business account or Azure Active Directory Premium P1 – the feature set goes across what’s applicable for SMBs from Azure AD Premium P1 for Microsoft 365 Business customers.
You will need to set up various things like device management for users, available apps, conditions to be met, and further access controls. These, like we mentioned, can be set at the user, group, or role level. If you haven’t enabled groups or roles, then now is a good time to do so.
Want help in setting up Conditional Access?
You don’t always have the time or the resources within your organisation to do things like set up Conditional Access. That’s why we offer our services as a Microsoft Certified Partner to help do all the heavy lifting for you. We can assist in setting everything up, as well as walking you through the process and running training sessions, so once you’re up and running you’ll be able to reconfigure and add different needs as you go.
If you’re looking for better remote access for your team and you’re a Microsoft 365 Business customer (or would like to be!) then speak to us at A1 Technologies to find out all the details.
Subscribe to our newsletter
Enter your email and stay in touch with the latest updates from A1.
You might also like…
- Do you use Dropbox in your business? Dropbox is one of the “big three” players when it comes to cloud file storage solutions,...
- SD-WANs are the new way to optimize business networks, to cover disparate business sites and public cloud service connections, for optimal uptimes and...
- Back in the early days of the internet and email systems, spam mail would just be rubbish messages such as “Make $5000 a...