Implementing Conditional Access Policies

Complete the full lesson to earn 25 points

Work through each section, then tap “Mark as Complete” on the last one.

Section 1 of 11

✦ Skip the page breaks and see fewer ads — read each lesson on a single page with Pro

Implementing Conditional Access Policies

In the early days of corporate networking, security was often compared to a castle with a moat. If you were inside the castle walls (the corporate network), you were trusted. If you were outside, you were not. This model worked well when everyone worked from a physical office and used company-owned desktop computers. However, the modern workspace has moved far beyond the castle walls. Today, employees work from home, coffee shops, and airports, using a mix of corporate laptops, personal tablets, and smartphones to access cloud-based applications.

This shift necessitates a new approach to security: Zero Trust. At the heart of the Zero Trust model in the Microsoft ecosystem is Conditional Access. Conditional Access is the "if-then" engine of identity security. It allows you to create specific rules that govern how users access resources based on the context of their login attempt. For example, "If a user is logging in from an unknown country, then require Multi-Factor Authentication (MFA)." Or, "If a user is accessing sensitive financial data from an unmanaged device, then block access entirely."

In this lesson, we will explore the architecture of Conditional Access, walk through the implementation of various policy types, and discuss the best practices that keep organizations secure without frustrating their users.


Section 1 of 11
PrevNext