Privileged accounts and access needs particular attention alongside of the regular protection of user accounts in Microsoft Entra. Over the last years Microsoft releases many design principles, best practices and security concepts for securing privileged access in Microsoft Azure (such as "Enterprise Access Model" as evolution of the ESAE approach).

In my session I will speak about the latest aspects, considerations and solution approaches to protecting privileged identities and access in Microsoft Azure:

- Customizing and Designing of Azure and Entra ID RBAC concept
(Custom roles, security considerations of built-in roles)
- Adoption of Enterprise Access Model in Microsoft Entra
- Reduce the exposure time of privileges (Identity Governance)
- Managed Access Package for Privileged Access Groups and Roles
- Protecting privileged accounts with advanced Conditional Access and MFA (including passwordless options)
- Access to Azure resources from a secure admin workstation

Level 300 session (including hands-on/live demos and notes from the field)