The Azure Active Directory Team recently beefed up its efforts to protect its customer base with the announcement of AD Identity Protection support of federated identities. Essentially, AD clients who utilize Directory Federation Servers with Azure AD will now benefit from an advanced filtering security process.
Programming Manager Salah Ahmed of the Identity Security and Protection team at Microsoft, explains the new security support system as such:
Starting today, all of Identity Protection’s risk event types will be covered for federated identities! Now you can tell if botnet infections, TOR networks, or location anomalies are present in your federated sign-ins. [Note that leaked credentials detection requires that you have enabled password hash sync in your federated tenant.]”
AD customers also gain the ability to “blocking or enforcing MFA on risky sessions is available for federated identities.”
What this means it that your federated identities have an extra layer of protection when they try to access cloud services such as Office 365, Azure, or *any* apps configured for Single Sign-On with Azure Active Directory!
If the administrator has configured a policy to enforce MFA on sign-in risks, the next time a risky sign-in is detected, the user is informed that something unusual was detected about their sign-in.”
For more details on how to set up multi-factor authentication (MFA) or administrative configurations, visit Microsoft’s Active Directory Team blog.