In my last post, I explained how to secure user accounts in AWS. My discussion on cloud security wouldn’t be complete without also addressing the second most popular cloud computing platform – Azure.
To protect your Azure ecosystem, you need to enforce proper password hygiene throughout your organisation. To understand why, take a look at these concerning password statistics:
- 53% of people don’t change their password after it was compromised in a known breach
- 76% of employees experience regular password problems
If every employee in your organisation exercises secure password practices, account compromise leading to an Azure ecosystem breach could be avoided.
Fortunately, you can enforce organisation-wide adoption of proper password hygiene by setting up federated login for LastPass using Azure Active Directory.
Here’s how you do it:
Step #1: Create a Provisioning Token and Capture the Connection URL in LastPass
Step #2: Configure the Provisioning App for LastPass in Azure AD
Step #3: Configure the Login App for LastPass in Azure AD
Step #4: Configure Federated Login Settings for Azure AD in LastPass
Step #5: Add Users/Groups to the Provisioning and Login Apps in Azure AD
If you’d like a detailed breakdown of each step, let me know in the comments, and I’ll send over a tutorial.
When this integration is complete, all of your employees will have instant access to their LastPass vault after logging into Azure AD. This will enforce exemplary account security practices by ensuring:
- Password recycling never occurs
- Secure login processes are maintained even when SSO isn’t supported
- Only complex passwords are used
- Multi-factor user authentication is used (one of the hardest security controls to compromise)
- Uninterrupted user workflow
By addressing one of the primary attack vectors in a cloud environment – account compromise – LastPass offers a cost-effective and highly efficient method for strengthening the security posture of your Azure ecosystem.
What are your top 3 most recommended cloud security controls? I’d love to know your thoughts.