Working from home best practice outlines

Blocking legacy authentication

Identify then block

Monitor sign-ins in Azure AD for any failed logins

This is your only friend for support and troubleshooting

You must know the meaning of every tab and every column in this window, especially every protocol
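One way to do the "identify" step offline, as an added example that is not from the original post: a Python script that reads a JSON export of the sign-in log and lists who still signs in with legacy protocols. The field names (`userPrincipalName`, `clientAppUsed`, `status.errorCode`) follow the Microsoft Graph sign-in record; the sample records and function names are constructed for illustration.

```python
import json
from collections import defaultdict

# Client apps that use modern authentication. Any other clientAppUsed value
# (IMAP4, POP3, Exchange ActiveSync, Authenticated SMTP, ...) counts as legacy.
MODERN_CLIENTS = {"Browser", "Mobile Apps and Desktop clients"}

# Constructed sample records shaped like a sign-in log JSON export.
SAMPLE_EXPORT = json.dumps([
    {"userPrincipalName": "Alice@contoso.example", "clientAppUsed": "Browser",
     "status": {"errorCode": 0}},
    {"userPrincipalName": "bob@contoso.example", "clientAppUsed": "IMAP4",
     "status": {"errorCode": 0}},
    {"userPrincipalName": "Bob@contoso.example", "clientAppUsed": "IMAP4",
     "status": {"errorCode": 50126}},
    {"userPrincipalName": "carol@contoso.example", "clientAppUsed": "POP3",
     "status": {"errorCode": 50126}},
    {"userPrincipalName": "dave@contoso.example",
     "clientAppUsed": "Exchange ActiveSync", "status": {"errorCode": 0}},
    {"userPrincipalName": "erin@contoso.example", "clientAppUsed": None,
     "status": {"errorCode": 0}},
])


def legacy_auth_report(export_json):
    """Count legacy-auth sign-ins per (user, client app), split by outcome."""
    report = defaultdict(lambda: {"success": 0, "failure": 0})
    for record in json.loads(export_json):
        # A missing client app is kept as "unknown" so it is reviewed, not skipped.
        client = (record.get("clientAppUsed") or "unknown").strip()
        if client in MODERN_CLIENTS:
            continue
        user = (record.get("userPrincipalName") or "unknown").lower()
        code = (record.get("status") or {}).get("errorCode")
        report[(user, client)]["success" if code == 0 else "failure"] += 1
    return dict(report)


def users_to_migrate(report):
    """Users with a successful legacy sign-in: a block policy would cut them off."""
    return sorted({user for (user, _), n in report.items() if n["success"]})


if __name__ == "__main__":
    result = legacy_auth_report(SAMPLE_EXPORT)
    for (user, client), counts in sorted(result.items()):
        print(f"{user:28} {client:22} {counts}")
    print("Migrate before blocking:", users_to_migrate(result))
```

Users who appear only with failed legacy sign-ins are not a dependency to migrate, but their entries are still worth reviewing.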

Enable modern authentication (OAuth with the MFA feature)

3 ways to enable conditional access

My recommendation: never apply security defaults

You can use the registration policy

Azure Active Directory Identity Protection will prompt your users to register the next time they sign in interactively and they will have 14 days to complete registration. During this 14-day period, they can bypass registration but at the end of the period they will be required to register before they can complete the sign-in process.

For the authentication method, use the mobile app (free)

Note: you must monitor first to make sure no one is using legacy authentication

By default, all versions of Office starting from 2016 support modern authentication

For Office 2013, add the following registry keys after monitoring


Registry key









Use SSO for SaaS applications

Conditional access to block legacy authentication

Use Teams, not share servers

Assign licenses to groups, not users; dynamic groups are preferred

To publish on-prem services, you can use Azure proxy or WAP services

Remote Desktop Services (RDS) is the platform of choice for building virtualization solutions for every end customer need

You can use RDS with Azure proxy

Use enterprise applications to create new applications

Seamlessly deploy RDS with ARM and Azure Marketplace

Azure Information Protection for protecting files when they are in the cloud

Cloud App Security for monitoring and controlling all user and file activities and applying policies

Identity Protection

And finally: read, read, and read. Never apply anything without knowledge.

