Demonstrating 3 core principles of Zero Trust.
A Helpdesk user needs to perform the password reset services to organization employees. See how Azure AD Privilege Identity Management service can help to provide Just-in-time access to activate password reset role to perform the activity with auditing functions.
An employee using a home PC, and tried to access corporate email and One drive to download a sensitive document. Employee also tried through Azure virtual desktop to copy paste the file to the personal PC. See how Azure AD conditional access policy with Defender for cloud apps (MCAS) session control have helped to block the download and enforced the corporate compliance.
An employee tried to sign-in MyApps portal using a TOR browser hiding the identity, Azure AD identity protection policy has detected the unusual sign-in method and blocked the access, and also user was forced to verify the identity and reset the password before gaining access to MyApps portal.