Conditional Access Policy Templates
In this post, we will look at Conditional Access Policy Templates a feature which is currently still in Public Preview.
These templates are designed to provide a more convenient method of deploying new policies based on Microsoft’s recommendations.
If you are new to Conditional access policies or simply just want to add additional protection to your existing environment.
To get started lets head over to https://portal.azure.com and type “Conditional access” in the search bar.
On the Conditional Access Portal click on “+ New policy” and select “Create new policy from templates “preview”
On the new policy page, you will have a choice of creating a policy based on categories, the available categories are:
- Identities: These policy templates assist with securing identities with string authentication across the organizations digital estate.
- Devices: The devices policy templates assist with providing visibility into which devices access the network. Ensure compliance and health status before granting access.
As a demonstration we will create a Conditional Access policy based on Identities and use the policy templates to block “Legacy Authentication”
Select “Identities” form the policy template page and click next.
You will now see a few policy options based on Identify. here I will select “Block Legacy Authentication”
At the bottom of the page an automated name will be generated. You can also decide if you want to have it On or in Report-Only mode.
I will select “On” and select “Next”
Next you will be presented with the Review option to verify the policy config and then click on create policy.
After your policy has been created, you will now see it listed in your current policies.
The new policy templates are a good way for admins to get started with conditional access policies and enhance the security and protection in their digital estates.