Azure Active Directory Privileged Identity Management

Azure Active Directory Privileged Identity Management

Azure Active Directory Privileged Identity Management is a feature of the Azure AD Premium P2 edition. Azure AD comes in four editions – Free, Basic, Premium P1 and Premium P2.

Azure AD Privileged Identity Management helps you manage and protect privileged/Administrative accounts so that you can restrict and monitor administrators and their access to resources and provide just-in-time access when needed.

Azure AD Privileged Identity Management helps you identify and configure following regarding administrative accounts and access.

  1. See which users are Azure AD administrators.
  2. Enable on-demand, “just in time” administrative access using the concept of eligible admin.
  3. Get reports about administrator access history and changes in administrator assignments.
  4. Get alerts about access to a privileged role.

JUST IN TIME ADMINISTRATOR ACCESS

Azure AD Privileged Identity Management introduces the concept of an eligible admin. Eligible admin is given just in time administrative access for a predetermined amount of time.

Eligible admin role is inactive until the user needs access. When they need access they need to complete an activation process and become an active admin for a predetermined amount of time.

ENABLE PRIVILEGED IDENTITY MANAGEMENT FOR YOUR DIRECTORY

  1. https://portal.azure.com
  2. In search box type Azure AD Privileged Identity Management> In result select Azure AD Privileged identity Management and click create.

PRIVILEGED IDENTITY MANAGEMENT DASHBOARD

Azure AD Privileged Identity Manager dashboard provides following information:

  1. Alerts that point out opportunities to improve security
  2. The number of users who are assigned to each privileged role
  3. The number of eligible and permanent admins
  4. Ongoing access reviews

https://i.redd.it/czfy7xuo56o11.png

To read rest of the article click on the link below.

https://mykloud.wordpress.com/2017/06/27/azure-active-directory-privileged-identity-management/

submitted by /u/harinderkohli
[link] [comments]

Leave a Reply