Multiple Office Locations – Using Azure AD tenants effectively
Azure Security Architect (Identity Management on Azure), Sun, 24 Dec 2023 23:42:32 +0000
https://azuresecurityarchitect.com/identity-management-on-azure/multiple-office-locations-using-azure-ad-tenants-effectively/

Say you have two or more locations – one on the east coast and one on the west coast – that need to share a common Azure Subscription and a common Azure AD tenant, and your Azure AD tenant consists of user and device objects.

Domain name – Best practice: associate the single subscription with a single named tenant (mycorp.com).

Premium Licenses – Assign a single AAD Premium P2 license to each user.

Privileged Access Management – AAD PIM should be activated across the tenant.

Azure Security – The free version of Azure Security has been deployed.

Define Security Groups in the AAD tenant – one per location:

– SecGrpEastCoast – Dynamic user membership for all east coast users. Enable access to AAD apps and Azure resources.
– SecGrpWestCoast – Dynamic user membership for all west coast users. Enable access to AAD apps and Azure resources.

This will enable you to manage the two locations individually (using security groups), while also providing a common set of security guardrails (Azure Security) and common Privileged Identity Management across both.
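
One way to define the two dynamic groups with the Microsoft Graph PowerShell SDK, as an added example that is not from the original post. It assumes location is derived from each user's `state` attribute and uses constructed state lists; the post does not say which attribute drives membership.

```powershell
# Added example: creates the two per-location dynamic security groups.
# Assumption: location comes from the user's "state" attribute. The state
# lists below are constructed sample values; adjust them to your directory.
Import-Module Microsoft.Graph.Groups
Connect-MgGraph -Scopes 'Group.ReadWrite.All'

$locations = @(
    @{ Name = 'SecGrpEastCoast'; States = @('NY', 'NJ', 'MA') },
    @{ Name = 'SecGrpWestCoast'; States = @('CA', 'OR', 'WA') }
)

foreach ($loc in $locations) {
    # Builds a rule such as:
    #   (user.accountEnabled -eq true) and (user.state -in ["NY","NJ","MA"])
    # Disabled accounts are excluded so they drop out of access groups.
    $stateList = ($loc.States | ForEach-Object { '"{0}"' -f $_ }) -join ','
    $rule = '(user.accountEnabled -eq true) and (user.state -in [{0}])' -f $stateList

    # Skip creation if the group already exists, so the script can be re-run.
    $existing = Get-MgGroup -Filter "displayName eq '$($loc.Name)'"
    if ($existing) {
        Write-Host "$($loc.Name) already exists, skipping."
        continue
    }

    New-MgGroup -DisplayName $loc.Name `
        -Description "Dynamic membership for $($loc.Name)" `
        -MailEnabled:$false `
        -MailNickname $loc.Name `
        -SecurityEnabled `
        -GroupTypes 'DynamicMembership' `
        -MembershipRule $rule `
        -MembershipRuleProcessingState 'On'

    Write-Host "Created $($loc.Name) with rule: $rule"
}
```

Users whose `state` value appears in neither list land in no group and get no location-based access. Because membership follows a directory attribute, anyone who can edit that attribute can change group membership, so restrict and audit who may write it.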
