
Azure Active Directory Identity Protection is a security tool that detects identity-based risks like compromised identities, mitigates security threats, provides conditional access policies, and provides information on security events for conducting investigations.

The three Identity Protection policies

(i) Multi-factor authentication registration policy

MFA is a self-remediation method that decreases the risk of a malicious person trying to impersonate a domain user, thereby reducing the volume of helpdesk calls. Organizations can opt for Azure multi-factor authentication (MFA) for all or specific users. This is possible in Azure AD Identity Protection by setting up a Conditional Access policy* that requires registration during sign-in.

*Conditional Access policy

An organization's IT team can create a custom policy in which the user's location, the applications opened, the device used, and so on are preset as conditions. A risk score is then calculated for every behavior that deviates from the conditions specified.

(ii) User risk remediation policy

Every time a user signs in, Azure AD Identity Protection calculates a risk score based on previous logon behavior by the user. If the risk score is high, administrators can choose to block the account, or allow sign in with multi-factor authentication.

(iii) Sign-in risk remediation policy

Every time a user signs in, Azure AD Identity Protection calculates a risk score based on the probability that the logon was not carried out by the user. If the risk score is high, administrators can choose to block the account, allow sign in, or allow sign in with multi-factor authentication.

The major capabilities of Identity Protection that help organizations safeguard their users' identities include:

  • Detecting and mitigating identity-based risks without human intervention.
  • Conducting risk analysis.
  • Exporting information about security risks to third-party tools for deeper analysis.

Azure AD Identity Protection utilizes machine learning algorithms to detect and generate reports and alerts to resolve threats.
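To illustrate the export-and-analyze capability listed above, here is an added example (not from this page, Microsoft, or ManageEngine) that triages an exported set of risk detections: it ignores detections that are already closed and ranks the remaining users by their worst open risk level. It assumes the export is a JSON array whose field names follow the Microsoft Graph `riskDetection` resource; the records, the `triage` function and the thresholds are constructed for illustration.

```python
import json
from collections import defaultdict

# Constructed sample export (not real data); field names follow the
# Microsoft Graph riskDetection resource, values are made up.
SAMPLE_EXPORT = json.dumps([
    {"userPrincipalName": "alice@example.com", "riskLevel": "high",
     "riskState": "atRisk", "riskEventType": "leakedCredentials", "ipAddress": None},
    {"userPrincipalName": "bob@example.com", "riskLevel": "medium",
     "riskState": "atRisk", "riskEventType": "anonymizedIPAddress", "ipAddress": "203.0.113.10"},
    {"userPrincipalName": "bob@example.com", "riskLevel": "high",
     "riskState": "atRisk", "riskEventType": "unlikelyTravel", "ipAddress": "198.51.100.7"},
    {"userPrincipalName": "carol@example.com", "riskLevel": "high",
     "riskState": "remediated", "riskEventType": "unfamiliarFeatures", "ipAddress": "192.0.2.5"},
    {"userPrincipalName": "dave@example.com", "riskLevel": "low",
     "riskState": "atRisk", "riskEventType": "unfamiliarFeatures", "ipAddress": "192.0.2.9"},
    {"userPrincipalName": "erin@example.com", "riskLevel": "medium",
     "riskState": "atRisk", "riskEventType": "unfamiliarFeatures", "ipAddress": "192.0.2.44"},
])

RISK_ORDER = {"none": 0, "low": 1, "medium": 2, "high": 3}
OPEN_STATES = {"atRisk", "confirmedCompromised"}  # states that still need action

def triage(export_json, min_level="medium"):
    """Return (user, worst level, event types, source IPs) for users with
    open detections at or above min_level, worst first."""
    per_user = defaultdict(lambda: {"level": "none", "events": set(), "ips": set()})
    for det in json.loads(export_json):
        if det.get("riskState") not in OPEN_STATES:
            continue  # remediated, dismissed or confirmed safe
        level = det.get("riskLevel", "none")
        if RISK_ORDER.get(level, 0) < RISK_ORDER[min_level]:
            continue  # below threshold, or a level this script does not rank
        entry = per_user[det["userPrincipalName"]]
        if RISK_ORDER[level] > RISK_ORDER[entry["level"]]:
            entry["level"] = level
        entry["events"].add(det.get("riskEventType", "unknown"))
        if det.get("ipAddress"):  # offline detections may carry no IP
            entry["ips"].add(det["ipAddress"])
    ranked = sorted(per_user.items(),
                    key=lambda kv: (-RISK_ORDER[kv[1]["level"]], kv[0]))
    return [(u, e["level"], sorted(e["events"]), sorted(e["ips"])) for u, e in ranked]

if __name__ == "__main__":
    for row in triage(SAMPLE_EXPORT):
        print(row)
```
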
