Securing the privileged access of IT administrators has been a security priority for most organizations for many years. In addition, identities of applications and workloads are also gaining privileged access and are used on a wide scale (especially in DevOps or highly automated environments). Thomas Naunheim has worked on a practical approach to adopting Microsoft's Enterprise Access Model by using the latest capabilities in Azure AD to secure and govern privileged access. The goal is to provide a solution which supports the principles of a tiering model and avoids unauthorized access paths by establishing security boundaries. Furthermore, the design of a role-based access and persona model is essential to identify, monitor, and govern sensitive privileged accounts on the various levels. In this session we will cover automation for provisioning, managing and classifying privileged access, as well as potential attack scenarios involving various techniques (token replay from unsecured privileged intermediaries) and misconfigurations (overprivileged and overlooked access paths).
Speakers
Thomas Naunheim is a Cloud Expert and Microsoft MVP with a focus on identity and security solutions in Microsoft Azure. He works as a Cloud Security Architect at glueckkanja-gab AG. You will find him blogging at "cloud-architekt.net". Thomas shares his experiences with the community in meetup talks and conference sessions, and also as co-host of the podcast "Cloud Inspires". He is part of the "Azure Meetup Bonn" and "Cloud Identity Summit" organization teams. He has been awarded Microsoft MVP for Azure since 2020.