Privileged accounts and access needs particular attention alongside of the regular protection of user accounts in Azure Active Directory. Over the last years Microsoft releases many design principles, best practices and security concepts for securing privileged access in Microsoft Azure (such as "Enterprise Access Model" as evolution of the ESAE approach).

In my session I will speak about the latest aspects, considerations and solution approaches to protecting privileged identities and access in Microsoft Azure:

- Customizing and Designing of Azure and Azure AD RBAC concept
(Custom roles, security considerations of built-in roles)
- Adoption of Enterprise Access Model in Azure AD
- Reduce the exposure time of privileges (Azure AD PIM)
- Managed Access Package for Privileged Access Groups and Roles
- Protecting privileged accounts with advanced Conditional Access and MFA (including passwordless options)
- Access to Azure resources from a secure admin workstation

Level 300 session (including hands-on/live demos and notes from the field)