Microsoft 365 Business will be renamed Microsoft Business Premium after the 21st April 2020. Microsoft Business (Premium) aims to deliver a comprehensive productivity and security solution for businesses with less than 300 employees. It integrates your favorite Office apps and collaboration tools including Microsoft Teams with advanced security and device management capabilities. The Azure Active Directory Premium P1 is coming to Microsoft 365 Business and is another key capability to the Microsoft 365 Business subscription. This new license will roll out to new customers in the next few weeks, and to existing customers in the coming months.
With the addition of the full Azure AD Premium P1 license, you will soon get the benefit of cloud app discovery, Application Proxy, dynamic groups, passwordless authentication and more—all of which help your employees maintain secure access to work apps, whether they’re at home or on the go.
- Cloud App Discovery:
In modern businesses with Bring Your Own Device (BYOD) environments and work from home set ups, IT departments are often not aware of all the cloud applications that their employees use for work. As a result, administrators often have concerns about unauthorized access to corporate data, possible data leakage and other security risks inherent in the applications.
You can address these concerns by using Cloud App Discovery. Cloud App Discovery is a feature of Microsoft Cloud App Security (MCAS) that is also available with Azure Active Directory Premium P1. It enables you to discover cloud applications that are used by employees in your organization and view reports to analyze your environment. Cloud app discovery analyzes your traffic logs against a catalog of over 16,000 cloud apps. The apps are ranked and scored based on more than 80 risk factors to provide you with ongoing visibility into cloud use, shadow IT, and the risk shadow IT poses to your organization.
With Cloud App Discovery, you can:
- Discover applications in use and measure usage by number of users, volume of traffic or number of web requests to the application
- Identify the users that are using an application
- Export data for additional offline analysis
- Prioritize applications to bring under IT control and integrate applications easily to enable single sign-on and user management
- Application Proxy:
Many organizations run business-critical apps on-premises, and with the advent of remote and work from home scenarios, it becomes important to enable your employees to securely access these apps from anywhere. Azure AD Application Proxy is a lightweight agent that enables access to your on-premises apps, without opening broad access to your network.
It’s more secure than VPN and reverse proxy solutions and easier to implement. Remote users can access your on-premises applications the same way they access Office 365 and other SaaS apps integrated with Azure AD. With App Proxy, you don’t need to change or update your applications and it also doesn’t require you to open inbound connections through your firewall. With a single sign-on to Azure AD, users can access both cloud and on-premises applications through an external URL or an internal application portal. For example, Application Proxy can provide remote access and single sign-on to Remote Desktop, SharePoint, Microsoft Teams, and other line of business (LOB) and SaaS applications.
This also proves to be cost-effective as you don’t need to change the network infrastructure or install additional appliances in your on-premises environment.
- Dynamic Groups:
Dynamic groups help automate IT and business processes by automatically adding/removing users from security groups based on their attributes, thereby reducing the administrative overhead of adding and removing users. You can define attributes such as “sales department” for example to dynamically place a user in a certain group. You can use dynamic groups to assign users to groups automatically, then use these groups to grant access to applications.
- Passwordless Authentication:
With the multitude of apps we use everyday, passwords can be frustrating to remember and are easily breached. Passwordless authentication makes life easier for you by replacing the password with something you have, plus something you are or something you know.
Microsoft offers the following three passwordless authentication options that integrate with Azure AD – 1) Windows Hello for Business, 2) Microsoft Authenticator app and 3) FIDO2 security keys.
Azure Active Directory Premium P1 is coming to Microsoft 365 Business. For the full article and more links, click here.