Conditional Access available in Microsoft 365 Business
25/06/2019

Conditional Access now available in Microsoft 365 Business!


Wayne Hollomby



Wayne Hollomby, Vuzion Solutions Architect, writes …

Microsoft has recently announced that Conditional Access is now part of the Microsoft 365 Business sku - and customers can start utilising its benefits from today, as it has automatically been enabled on all existing Microsoft 365 Business tenants.

This is great news, as the lack of this feature had meant that Microsoft 365 Business could not be considered a comprehensive security solution for SMBs, without the SMBs having to add additional licences.

What is Conditional Access?

A top concern for organisations when moving services to the cloud is security, particularly with users now able to access Microsoft 365 from anywhere in the world and from a multitude of devices that may or may not be company owned.

Conditional Access gives your customers the ability to control how their company data is accessed in a granular way that is policy based.

They can control by location, device state, cloud application, user or group, and sign-in risk, and even enforce MFA on a per-user or cloud application basis.

Below, are some of the common scenarios used with Conditional Access:

- Allowing access only from trusted network locations

- The ability to only enforce MFA when users are working outside trusted office locations

- Blocking legacy authentication protocols that don’t support MFA

- Only allowing devices that are managed by the IT department to access company data

- Ensuring only trusted apps can be used to access company data

- Require app protection polices to be used before access is granted on BYOD devices.

These are just a few examples, but from which you can see that Conditional Access really does give your customers back the control they may have had with a traditional firewall in the on-premises world, and demonstrate the depth and granular control that can be added to security for accessing and protecting company data in Office 365 and accessing third-party cloud applications using Azure AD for single sign-on.

Microsoft has really listened to feedback from partners and customers as Conditional Access has been a big ask, and have showed along with other additions in the past that have been enabled for Microsoft 365 Business - such as Hybrid Azure AD Join support, Shared computer activation for Office and self-service password writeback for on-premises users - that they’re improving the product based on real world feedback to help make Microsoft 365 Business a single unified sku for SMBs.

What you should do next to support your customers

To start planning a first Conditional Access policy, take a look at Microsoft’s planning article, How To: Plan your Conditional Access deployment in Azure Active Directory.

Vuzion also has a professional service that can help with Conditional Access policy setup - get in touch and we can discuss your requirements. You can reach us on 0333 003 0427 (or +353 1 685 6191 for the Ireland team), or at partners@vuzion.cloud (partners@vuzion.ie).  

Microsoft Inspire 2019 - Satya Nadella c...
18/07/2019

Microsoft Inspire 2019 - Satya Nadella c...

18/07/2019
Nadella highlighted key developments, including for Azure, Dynamics 365 and Microsoft 365
Vuzion Ireland awarded 2019 Microsoft Ch...
16/07/2019

Vuzion Ireland awarded 2019 Microsoft Ch...

16/07/2019
Vuzion Ireland’s journey into the Irish CSP marketplace has certainly been momentous over the last two years.
Microsoft Inspire 2019 Corenote: Milesto...
16/07/2019

Microsoft Inspire 2019 Corenote: Milesto...

16/07/2019
Microsoft Inspire's first corenote of 2019 introduced the message of "democratising digital" - equipping ever...