Summary

In this chapter, we introduced you to Conditional Access policies in both Azure AD and Intune. We demonstrated how Conditional Access helps you address traditional security requirements with a modern approach, where instead of configuring a firewall (which is not possible in a Microsoft 365 environment), we can configure policies in Azure AD and Intune to provide additional protection for our users and resources. We learned how to create a simple Conditional Access policy, as well as more advanced app-based and device-based policies using Intune. In addition, we showed you how you can search the Azure AD Sign-ins page to track successful and failed Conditional Access policy events.

In the next chapter, we will show you how role assignment and privileged identities can be used in Azure AD to ensure that correct access is provided to your users.