If your organization is moving critical resources to the cloud, effective Azure Active Directory security practices are essential. You need to ensure that users who access the critical resources that Azure AD protects are who they claim to be, and that they have only the rights that they require. Even if your organization has a great deal of experience administering and securing a traditional on-premises AD environment, you will face new challenges as you move to the cloud. This white paper, and the others in this series, will help.
We recommend organizing your effort into four phases, each of which must be continually practiced and iteratively improved upon:
- Continually assess
- Detect and alert
- Remediate and mitigate
- Investigate and recover
In this white paper, we address continual assessment, which is the process of knowing the current state of security in Azure Active Directory.