Summary
In this chapter, we went over the process of enabling SSO for enterprise applications, using different Azure AD authentication factors for MFA with the use of Azure AD CA policies. Microsoft claims that the use of MFA protects against 99.9% of attacks. To improve on that claim, we also discussed the use of Duo as a second factor of authentication, and how to configure Duo for a more secure Azure AD MFA.
In the next chapter, we will look at Okta, another provider of IAM products, and their solution for workforce users as well as users external to the company.
Later in the book, we are going to look again at Microsoft’s CA policies and how they can be used for continuous authentication.
