Chapter 3: Implementing Conditional Access Policies

One of the common frustrations of IT administrators is finding a good balance between usability and security. This is especially relevant in a Microsoft 365 environment where your users only access cloud-based resources. It is not possible to wrap a firewall around Office 365 in the traditional sense. Conditional Access is an Azure Active Directory (AD) Premium feature that helps you address this challenge in a modern way.

In this chapter, we will discuss how you can configure compliance policies for Conditional Access within your Microsoft 365 environment. You will learn how you can allow or block access to the features in your tenant and how device compliance can be enforced with system security settings, such as a minimum password length and data encryption.

We will cover these topics in the following order:

• Explaining Conditional Access
• Enhancing Conditional Access with Intune
• Device-based Conditional Access
• App-based Conditional Access
• Monitoring Conditional Access events