March 6 2025

How can MSPs enhance security in Entra ID?


MSPs can enhance security in Entra ID (formerly Azure AD) by implementing best practices around identity protection, access management, and governance. Here’s a comprehensive approach:

1. Enable Multifactor Authentication (MFA)

  • Use Conditional Access to enforce MFA for all users, especially admins.
  • Enable phishing-resistant MFA methods like FIDO2 security keys or Microsoft Authenticator’s number matching.

2. Implement Conditional Access Policies

  • Block access from risky sign-ins and unknown locations.
  • Require compliant devices for sensitive applications.
  • Enforce Just-In-Time (JIT) access for admins.
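The first two items above come together in one Conditional Access policy. The following Microsoft Graph PowerShell script is an added example, not code from the original post: it requires MFA for members of a few privileged directory roles, starts the policy in report-only mode so the sign-in impact can be reviewed before enforcement, and excludes an emergency-access account. The Microsoft.Graph SDK is assumed to be installed, the role list is an assumption you should adjust, and `breakglass@contoso.example` is a placeholder for your own break-glass account.

```powershell
# Added example: Conditional Access policy "require MFA for privileged roles".
# Assumes the Microsoft.Graph PowerShell SDK; role names and the break-glass UPN are placeholders.
Connect-MgGraph -Scopes "Policy.ReadWrite.ConditionalAccess","Policy.Read.All","RoleManagement.Read.Directory","User.Read.All"

# Resolve role template IDs by display name instead of hard-coding GUIDs.
$adminRoleNames = @(
    "Global Administrator",
    "Privileged Role Administrator",
    "Security Administrator",
    "Exchange Administrator",
    "User Administrator"
)
$roleIds = Get-MgDirectoryRoleTemplate -All |
    Where-Object { $adminRoleNames -contains $_.DisplayName } |
    Select-Object -ExpandProperty Id

# Always exclude an emergency-access (break-glass) account so a misconfigured
# policy or an MFA outage cannot lock every administrator out of the tenant.
$breakGlass = Get-MgUser -UserId "breakglass@contoso.example"   # placeholder UPN

$policy = @{
    displayName   = "CA-Admins-Require-MFA"
    # Report-only first: review the "Report-only" results in the sign-in log,
    # then change this to "enabled".
    state         = "enabledForReportingButNotEnforced"
    conditions    = @{
        clientAppTypes = @("all")
        applications   = @{ includeApplications = @("All") }
        users          = @{
            includeRoles = @($roleIds)
            excludeUsers = @($breakGlass.Id)
        }
    }
    grantControls = @{
        operator        = "OR"
        builtInControls = @("mfa")
    }
}

$created = New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
"Created policy '$($created.DisplayName)' ($($created.Id)) in state '$($created.State)'."
```

Scoping the policy to roles rather than to a static group means newly assigned admins are covered automatically. Requiring an authentication strength (phishing-resistant MFA) instead of the plain `mfa` control is the natural next step once the report-only results look clean.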

3. Use Entra ID Protection

  • Detect and respond to compromised identities.
  • Enable risk-based sign-in policies to block high-risk users.
  • Automate user risk remediation.

4. Secure Privileged Access with Entra ID PIM

  • Implement Privileged Identity Management (PIM) to provide Just-In-Time (JIT) admin access.
  • Require approval workflows for privileged role activation.
  • Enforce MFA for admin role activation.

5. Monitor & Audit with Entra ID Logs

  • Enable audit logs and integrate with SIEM solutions like Microsoft Sentinel.
  • Set up alerts for suspicious activities (e.g., mass password resets, impossible travel).
  • Regularly review access logs for anomalies.
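As an added example of what "review access logs for anomalies" can look like in practice (this is not code from the original post), the script below pulls the last 24 hours of Entra ID sign-in and audit logs through Microsoft Graph and surfaces three of the signals named above: risky sign-ins, one account appearing from several countries, and one initiator resetting many passwords. The Microsoft.Graph SDK is assumed; the thresholds are assumptions to tune per tenant, and the multi-country check is a crude triage view, not a replacement for the velocity-based detections in Identity Protection or Sentinel.

```powershell
# Added example: quick anomaly triage over Entra ID logs via Microsoft Graph.
# Assumes the Microsoft.Graph PowerShell SDK; thresholds are assumptions.
Connect-MgGraph -Scopes "AuditLog.Read.All","Directory.Read.All"

$since = (Get-Date).ToUniversalTime().AddHours(-24).ToString("yyyy-MM-ddTHH:mm:ssZ")

# 1. Sign-ins that Identity Protection flagged with a risk level.
$signIns = Get-MgAuditLogSignIn -Filter "createdDateTime ge $since" -All
$risky = @($signIns | Where-Object { $_.RiskLevelDuringSignIn -and $_.RiskLevelDuringSignIn -ne "none" })
"Risky sign-ins: $($risky.Count)"
$risky | Select-Object CreatedDateTime, UserPrincipalName, IPAddress, RiskLevelDuringSignIn | Format-Table

# 2. Crude 'impossible travel' view: one account with successful sign-ins from
#    more than one country inside the window. Real detections use time and
#    distance; this only tells you where to look first.
$travel = @($signIns |
    Where-Object { $_.Status.ErrorCode -eq 0 -and $_.Location.CountryOrRegion } |
    Group-Object UserPrincipalName |
    ForEach-Object {
        $countries = @($_.Group.Location.CountryOrRegion | Sort-Object -Unique)
        if ($countries.Count -gt 1) {
            [pscustomobject]@{ User = $_.Name; Countries = ($countries -join ", ") }
        }
    })
"Accounts seen from multiple countries: $($travel.Count)"
$travel | Format-Table

# 3. Mass password resets: any single initiator touching more than N accounts.
$resetThreshold = 5   # assumed threshold
$audits = Get-MgAuditLogDirectoryAudit -Filter "category eq 'UserManagement' and activityDateTime ge $since" -All
$resets = @($audits |
    Where-Object { $_.ActivityDisplayName -like "*password*" } |
    Group-Object { $_.InitiatedBy.User.UserPrincipalName } |
    Where-Object { $_.Count -gt $resetThreshold } |
    Select-Object @{ n = "Initiator"; e = { $_.Name } }, Count)
"Initiators above the reset threshold: $($resets.Count)"
$resets | Format-Table
```

A script like this is useful for an MSP doing a periodic manual review; for continuous coverage the same logs belong in Microsoft Sentinel, where the equivalent logic runs as scheduled analytics rules with alerting.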

6. Implement Least Privilege Access (Zero Trust)

  • Assign users only the roles they need (RBAC model).
  • Regularly review and remove unnecessary access.
  • Use Access Reviews for periodic role validation.
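Before access can be reduced it has to be inventoried. The script below is an added example, not from the original post, that lists every active directory role assignment in the tenant through Microsoft Graph, flags roles with many standing members as candidates for conversion to PIM-eligible (just-in-time) assignments, and calls out service principals holding roles. The Microsoft.Graph SDK is assumed and the member threshold is an assumption.

```powershell
# Added example: inventory of standing (active) directory role assignments.
# Assumes the Microsoft.Graph PowerShell SDK; the threshold is an assumption.
Connect-MgGraph -Scopes "RoleManagement.Read.Directory","Directory.Read.All"

$maxMembersPerRole = 3   # assumed: roles with more standing members than this get flagged

$report = foreach ($role in (Get-MgDirectoryRole -All)) {
    $members = Get-MgDirectoryRoleMember -DirectoryRoleId $role.Id -All
    foreach ($m in $members) {
        # Members come back as generic directoryObjects; the useful fields sit in AdditionalProperties.
        $props = $m.AdditionalProperties
        $name = if ($props.userPrincipalName) { $props.userPrincipalName } else { $props.displayName }
        [pscustomobject]@{
            Role      = $role.DisplayName
            Principal = $name
            Type      = ($props['@odata.type'] -replace '^#microsoft\.graph\.', '')
        }
    }
}

"Active role assignments: $(@($report).Count)"
$report | Sort-Object Role, Principal | Format-Table -AutoSize

# Roles with many standing members are the first candidates for PIM-eligible
# assignments that are activated just-in-time with MFA and approval.
$report |
    Group-Object Role |
    Where-Object { $_.Count -gt $maxMembersPerRole } |
    ForEach-Object { "REVIEW: '$($_.Name)' has $($_.Count) standing members" }

# Service principals holding directory roles deserve a separate look: they
# cannot satisfy an MFA requirement and are easy to forget.
$report | Where-Object Type -eq "servicePrincipal" | Format-Table -AutoSize
```

Get-MgDirectoryRole returns only roles that are active in the tenant and only their active members, so PIM-eligible assignments do not appear here. That is the desired end state: after the review, this list should shrink to break-glass accounts and whatever genuinely needs standing access.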

7. Secure Guest & External Access

  • Limit guest user permissions with external collaboration settings.
  • Require MFA for guest users.
  • Restrict external sharing of sensitive data.

8. Enable Passwordless Authentication

  • Implement Windows Hello for Business, FIDO2 security keys, or Passkeys.
  • Reduce password reliance to mitigate phishing risks.

9. Protect Against Legacy Authentication

  • Disable legacy authentication (e.g., SMTP, POP, IMAP).
  • Enforce Modern Authentication for all apps.
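Disabling legacy authentication is a two-step job: first find out who still depends on it, then block it. The following script is an added example, not code from the original post. It inventories legacy-protocol sign-ins from the last 30 days and then creates a Conditional Access policy that blocks those protocols, again starting in report-only mode. Unlike the earlier MFA policy, this one keys on the client app type (`exchangeActiveSync` and `other`) and uses the `block` grant control. The Microsoft.Graph SDK is assumed.

```powershell
# Added example: inventory legacy-auth sign-ins, then block them with Conditional Access.
# Assumes the Microsoft.Graph PowerShell SDK.
Connect-MgGraph -Scopes "AuditLog.Read.All","Directory.Read.All","Policy.ReadWrite.ConditionalAccess","Policy.Read.All"

# Step 1: inventory. In the sign-in log, anything other than 'Browser' and
# 'Mobile Apps and Desktop clients' is a legacy (basic-auth) protocol such as
# IMAP4, POP3, Authenticated SMTP or Exchange ActiveSync.
$since  = (Get-Date).ToUniversalTime().AddDays(-30).ToString("yyyy-MM-ddTHH:mm:ssZ")
$modern = @("Browser", "Mobile Apps and Desktop clients")
$legacy = @(Get-MgAuditLogSignIn -Filter "createdDateTime ge $since" -All |
    Where-Object { $_.ClientAppUsed -and ($modern -notcontains $_.ClientAppUsed) })

"Legacy-auth sign-ins in the last 30 days: $($legacy.Count)"
$legacy |
    Group-Object UserPrincipalName, ClientAppUsed |
    Select-Object Count, @{ n = "Account, Protocol"; e = { $_.Name } } |
    Sort-Object Count -Descending |
    Format-Table -AutoSize

# Step 2: the block policy. Modern clients are not matched by these client app
# types, so they are unaffected. Leave it in report-only until every account
# from Step 1 has been migrated (or has an explicit, time-boxed exception).
$policy = @{
    displayName   = "CA-Block-Legacy-Authentication"
    state         = "enabledForReportingButNotEnforced"   # change to "enabled" after review
    conditions    = @{
        clientAppTypes = @("exchangeActiveSync", "other")
        applications   = @{ includeApplications = @("All") }
        users          = @{ includeUsers = @("All") }
    }
    grantControls = @{
        operator        = "OR"
        builtInControls = @("block")
    }
}
$created = New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
"Created '$($created.DisplayName)' in state '$($created.State)'."
```

Typical holdouts in Step 1 are multifunction printers and line-of-business apps sending mail over SMTP; those need an OAuth-capable relay or a dedicated mail connector before the policy is switched to enforced.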

10. Use Defender for Identity & Microsoft Sentinel

  • Deploy Defender for Identity to detect identity-based threats.
  • Integrate Entra ID logs with Microsoft Sentinel for real-time threat hunting.

Key Takeaway for MSPs

By implementing Zero Trust principles, enforcing Conditional Access policies, and leveraging Microsoft’s security tools, MSPs can significantly reduce identity-related risks in Entra ID.

Would you like a step-by-step guide on any of these topics? 🚀
