Session

Zero Trust Emergency Access: A Multi-Layered, Passwordless Solution

As you know, Microsoft recommends to use break glass accounts and exclude them from your security configuration. These break glass accounts can be used in case of emergency, for example when there are issues with Microsoft Entra Id Conditional Access. In most cases these break glass accounts are protected by complex passwords only, making them vulnerable for attack.

In this session, I will discuss and demonstrate a more secure alternative to using break glass accounts as we know them today. This alternative uses a multi layered authentication flow without the need for MFA.

I will show the solutions architecture, and how all components are connected and automated using Graph API. Next I will demonstrate how to login using a certificate allowing you to modify permissions needed to change your CA policies.

At the end of the session, we have created a multi-layered password less emergency account using a Zero Trust philosophy.

Sander Rozemuller

Freelance Creative Cloud Developer & Architect - Microsoft MVP

Vroomshoop, The Netherlands

Actions

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top