Quick blog post today.
Many of you have asked when you’ll be able to use Conditional Access policies with Microsoft Teams and the Azure Portal. I’m happy to let you know that support for both services is now available. Nitika Gupta from my team has written a blog post with the details. You’ll find it below.
Alex Simons (Twitter: @Alex_A_Simons)
Director of Program Management
Microsoft Identity Division
I’m Nitika Gupta, a Program Manager in the Identity Security and Protection team at Microsoft. I’m excited to share that Microsoft Teams and Azure portal now support Azure AD Conditional Access.
Till now, the only way to secure access to Azure portal was to require Multi-Factor Authentication all the time for an administrative account. This addressed the security need but came in the way of productivity. With this announcement, customers can require Multi-Factor Authentication only for access to Azure portal. Leveraging the power of Conditional Access, customers can allow access to Azure portal only under certain conditions (sign-in risk, location, device) and from trusted devices.
To create a policy for Azure portal, you can simply select “Microsoft Azure Management” under Cloud apps.
The policy will impact all the Azure management endpoints (classic Azure portal, Azure portal, Azure Resource Manager provider, classic Service Management APIs, as well as PowerShell).
While configuring a policy for Azure portal, be cautious! A bad configuration might lead to you locking yourself out.
And making news is also Microsoft Teams, one of the newest members of the Office 365 family, which is now available as its own Cloud app for IT admins to configure Conditional Access policies on. This allows organizations to secure the data in Teams and prevent leakage on untrusted devices.
The policy applies to Teams app on Windows, macOS, iOS, Android and Windows Phone. It’s important to note that Conditional Access policies created for Exchange Online and SharePoint Online cloud apps also affect Microsoft Teams as the Teams clients rely heavily on these services for core productivity scenarios such as meetings, calendars and files.
We would love to hear your feedback! If you have any suggestions for us, questions, or issues to report, please leave a comment at the bottom of this post, or tweet with the hashtag #AzureAD.