What are your recommendations to an organization to secure Azure AD? What are the top priorities that they should follow besides of enabling MFA. Let's discuss this, folks, so we can help each other out!
Ok, I'll start.
1. Configure Conditional Access for your Admins. Would you be happy when your Global Admins would login from a untrusted location? I don't think so, so deny access and only allow Admins accessing from specific location(s)
1/?
1. Configure Conditional Access for your Admins. Would you be happy when your Global Admins would login from a untrusted location? I don't think so, so deny access and only allow Admins accessing from specific location(s)
1/?
2. Make sure that you have some logging in place. Azure Monitor, Log Analytics, etc. If you can use Azure Sentinel, go for it. Turn on the logging and have visibility. There are free data connectors like Azure AD, O365, Identity Protection, etc.