Zero Trust User Access with Azure AD Demos

Demonstrating the three core principles of Zero Trust.

Least Privilege

A helpdesk user needs to perform password resets for the organization's employees. See how the Azure AD Privileged Identity Management (PIM) service provides just-in-time access: the user activates the password reset role to perform the activity, with auditing functions.


Explicitly Verify

An employee using a home PC tries to access corporate email and OneDrive to download a sensitive document. The employee also tries to copy and paste the file to the personal PC through Azure Virtual Desktop. See how an Azure AD Conditional Access policy with Defender for Cloud Apps (MCAS) session control blocks the download and enforces corporate compliance.
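
The download block in this scenario, written as a Conditional Access policy body for the Microsoft Graph API. This is an added example, not the configuration used in the demo: the group ID is a placeholder, and the target app (Office 365), the browser-only client type and the device filter that treats non-compliant, non-hybrid-joined devices as unmanaged are assumptions.

```json
{
  "displayName": "EXAMPLE (assumed values): block downloads on unmanaged devices",
  "state": "enabledForReportingButNotEnforced",
  "conditions": {
    "users": {
      "includeGroups": ["<PLACEHOLDER-group-object-id>"]
    },
    "applications": {
      "includeApplications": ["Office365"]
    },
    "clientAppTypes": ["browser"],
    "devices": {
      "deviceFilter": {
        "mode": "exclude",
        "rule": "device.isCompliant -eq True -or device.trustType -eq \"ServerAD\""
      }
    }
  },
  "sessionControls": {
    "cloudAppSecurity": {
      "isEnabled": true,
      "cloudAppSecurityType": "blockDownloads"
    }
  }
}
```

The policy is in report-only state so its effect can be reviewed in the sign-in logs before `state` is changed to `enabled`. Session control applies to browser sessions routed through Defender for Cloud Apps, which is why the client type is limited to `browser` here.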


Assume Breach

An employee tries to sign in to the MyApps portal using a Tor browser that hides their identity. An Azure AD Identity Protection policy detects the unusual sign-in method and blocks access, and the user is forced to verify their identity and reset the password before gaining access to the MyApps portal.