Over time, conditional access has taken on an ever-increasing role in corporate access management and is now the (!) policy enforcement engine of a modern Zero Trust architecture. So it's not surprising that Microsoft is also relying on Conditional Access for Global Secure Access and making it the primary point of policy enforcement for Secure Web Gateway and Zero Trust Network Access!

In this session I would like to discuss

* what elements GSA integrates with CA and what features are being added
* how to use CA Policies to configure Entra Internet Access
* how to cleverly structure CA policies for Entra Private Access Apps
* why using GSA also gives you advantages when accessing Microsoft 365 Services Security.
* why there are several connections between GSA and Continuous Access Evaluation.

In addition to the limitations and incompatibilities that you should be aware of in order to design a sensible rule set, I would also like to give you an outlook on the effects that Global Secure Access can have on your existing conditional access rule set.

Based on my previous project experience in this field, I can

* give you an outlook on the impact of a Global Secure Access implementation on the existing Conditional Access rule set.
* report on experiences with the division of labor and collaboration between Global Secure Access Admin and Conditional Access Admin
* present suggestions for sensible policies

Level 300 - 40 minutes