You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/users-groups-roles/directory-admin-roles-secure.md
+1-16Lines changed: 1 addition & 16 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -24,20 +24,6 @@ The security of most or all business assets in the modern organization depends o
24
24
> [!NOTE]
25
25
> Microsoft is committed to the highest levels of trust, transparency, standards conformance, and regulatory compliance. Learn more about how the Microsoft global incident response team mitigates the effects of attacks against cloud services, and how security is built into Microsoft business products and cloud services at [Microsoft Trust Center - Security](https://www.microsoft.com/trustcenter/security) and Microsoft compliance targets at [Microsoft Trust Center - Compliance](https://www.microsoft.com/trustcenter/compliance).
26
26
27
-
<!--## Risk management, incident response, and recovery preparation
28
-
29
-
A cyber-attack, if successful, can shut down operations not just for a few hours, but in some cases for days or even weeks. The collateral damage, such as legal ramifications, information leaks, and media coverage, could potentially continue for years. To ensure effective company-wide risk containment, cybersecurity and IT pros must align their response and recovery processes. To reduce the risk of business disruption due to a cyber-attack, industry experts recommend you do the following:
30
-
31
-
* As part of your risk management operations, establish a crisis management team for your organization that is responsible for managing all types of business disruptions.
32
-
33
-
* Compare your current risk mitigations, incident response, and recovery plan with industry best practices for managing a business disruption before, during, and after a cyber-attack.
34
-
35
-
* Develop and implement a roadmap for closing the gaps between your current plans and the best practices described in this document.
36
-
37
-
38
-
## Securing privileged access for hybrid and cloud deployments
39
-
40
-
does the article really start here?-->
41
27
For most organizations, the security of business assets depends on the integrity of the privileged accounts that administer and manage IT systems. Cyber-attackers focus on privileged access to infrastructure systems (such as Active Directory and Azure Active Directory) to gain access to an organization’s sensitive data.
42
28
43
29
The traditional approach was to focus on the entrance and exit points of a network as the primary security perimeter. This approach is now less effective due to increased use of SaaS apps and personal devices on the Internet. The natural replacement for the network security perimeter in a complex modern enterprise is the authentication and authorization controls in an organization's identity layer.
@@ -227,8 +213,7 @@ The Azure Activity Log provides a history of subscription-level events in Azure.
227
213
228
214
Prepare Conditional Access policies for on-premises and cloud-hosted applications. If you have users workplace joined devices, get more information from [Setting up on-premises Conditional Access by using Azure Active Directory device registration](../active-directory-device-registration-on-premises-setup.md).
229
215
230
-
231
-
## Stage 3: Take full control of admin activity
216
+
## Stage 3: Build visibility and take full control of admin activity
232
217
233
218
0 commit comments