Jef Kazimer😶‍🌫️


Product Manager @microsoft focused on cloud identity and security building Entra Azure Active Directory platform.

Disney adult and Star Wars 🤓

Focus: I have an interest in cloud security and helping others keep their organizations secure as they move to cloud environments.
Career: Principal Product Manager in Microsoft Identity Engineering
Disclaimer: My Toots are my own and not that of my employer
Bio: https://jeftek.com

I had the joy to talk to so many wonderful people at the #microsoft booth here at the #SWE24 conference in Chicago today. #swe.

Cozy Cat Test

#cats

Great graphic to show the relationship of risk information in the MS Graph API

Today was the announcement that #azuread is now becoming #entraid.

What is going to be the hardest part of this naming transition for you?

You can find all the docs on the new capabilities beyond just core EntraID at https://aka.ms/entradocs and guidance on the new naming conventions https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/new-name

#identity #security #cloudsecurity #microsoft #entra #azuread #entraid

Microsoft Entra documentation

Learn more about the Microsoft Entra family of multicloud identity and network access solutions. Find content to help solve secure access needs across your multifaceted digital landscape, protect access to any app or resource for any user, verify and secure every identity and every access request, discover permissions and govern access, and simplify user experience with intelligent real-time access controls.

I wanted to highlight a new Preview feature in Entra:

Report Suspicious Activity can elevate User Risk!

When you enable this feature, if an end user chooses to report fraud/suspicious activity during an MFA prompt, you can raise their user risk so you can take additional actions for the user.

But more importantly, it allows organizations to use risk-based CA policies to allow the appropriate user to self-mitigate using risk-based CA policies. The appropriate users can self-mitigate without having to call the helpdesk.

I'll put links to the docs below, but let me explain more here.

I have worked with many customers who blocked users who reported fraud from MFA prompts, but this causes a burden on the SOC to review and unblock them, and also a burden on the user for doing the right thing in reporting it.

This could be blocking the user and having the SOC review to unblock them, but that is a BIG impact to the end user. If a user chooses to report it, they get penalized since now they have to contact the support desk so they can get back to work.

This disincentivizes users from doing it a 2nd time once they have that experience.

Now you can use that end user signal to elevate the user's risk, much like "There is something abnormal happening!" and use the CA policies to block risk-elevated users unless they can satisfy the CA policy controls.

Help your users become allies so they want to report the suspicious activity to block the attackers and not themselves.

This feature, combined with the recent release of code match and context, not only gives end users better tools to make decisions for MFA prompts, but also a feedback mechanism to report suspicious activity.

Good security controls should help mitigate the attackers, and try to stay out of the way of the business users themselves doing their role. We should keep this in mind when deploying security controls, as the user experience matters.

❓Have you enabled this preview yet?
❓Have you deployed Risk Based CA policies to allow users to self-mitigate elevated risk?

Please like and share this since I think this is one of those things many might not be aware of.

#entra #identity #security #azuread #mfa #risk
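
The risk-based Conditional Access policy described in the post above, sketched with the Microsoft Graph PowerShell SDK as an added example (not code from the original post or from Microsoft's documentation). It assumes that a user who reports suspicious activity is evaluated at the `high` user-risk level and that you have an emergency-access group to exclude; the group ID is a placeholder.

```powershell
# Added example: requires the Microsoft.Graph PowerShell module and an account
# allowed to manage Conditional Access policies.
Connect-MgGraph -Scopes 'Policy.ReadWrite.ConditionalAccess'

# Placeholder: object ID of your emergency-access (break-glass) group.
$breakGlassGroupId = '00000000-0000-0000-0000-000000000000'

$policy = @{
    displayName = 'Self-remediate elevated user risk (report-only)'
    # Report-only first, so the impact can be reviewed before enforcement.
    state       = 'enabledForReportingButNotEnforced'
    conditions  = @{
        users = @{
            includeUsers  = @('All')
            excludeGroups = @($breakGlassGroupId)
        }
        applications   = @{ includeApplications = @('All') }
        clientAppTypes = @('all')
        # Assumption: reported users surface at the high user-risk level.
        userRiskLevels = @('high')
    }
    grantControls = @{
        # The user clears their own risk by passing MFA and then changing
        # their password, instead of being blocked and calling the helpdesk.
        operator        = 'AND'
        builtInControls = @('mfa', 'passwordChange')
    }
}

$created = New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
$created | Select-Object Id, DisplayName, State
```

Review the report-only results in the sign-in logs before changing `state` to `enabled`.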

Join us on the upcoming live audio event on Spaces where we'll be talking about migrating from Windows Server 2012 R2 with guest Jeff Woolsey from the Windows Server product team at Microsoft

Have you started your migration yet?

https://www.linkedin.com/events/liveq-awmicrosoftproductgroupon7027131665885904896/

Hosting will be @baileybercik @markmorow @JefTek from the Microsoft Identity Engineering Product group

#microsoft #windows #server #identity #security

Live Q&A w Microsoft Product Group on Migrating from Windows Server 2012 R2 | LinkedIn

We'll be doing a live Q&A on Twitter Spaces with Jeff Woolsey, Principal Program Manager at Microsoft for Windows Server to talk about Migrating from Windows Server 2012 R2. Have you started your migration yet? Bring your questions and join us to get answers!

With the V2 of the MS Graph PowerShell SDK now out in public preview, I wanted to walk through using it in Azure Automation with a system managed identity and wrote up the steps here

https://cloudid.cc/UaotaI2J

Are you doing PowerShell with managed identities yet?

#powershell #azuread #entra #scripting #identity #o365 #office365

Using Azure Automation with Managed Identities to remove unredeemed B2B guests

A walkthrough of using Managed Identity with Azure Automation using PowerShell MS Graph SDK module for cleaning up stale invited B2B users

CloudID.space

Last week we held a live Q&A event with the Microsoft product group on LinkedIn Audio to talk about going passwordless! We had some really great questions and information shared, and I updated our archive page with the recording link and the list of links shared so you can give it a listen.

https://425show.com/spaces

  • Have you started going passwordless for your organization or are you still trying to require MFA for all users?

  • I am going to assume people require MFA for all administrative access already, right?

#passwordless #security #microsoft #passkeys #fido2 #MFA #identity #azuread #entra #productgroup

425Show Spaces - 425ShowWebsite

I'm hosting 'Why you SHOULD and CAN go Passwordless Today' live audio event with the Microsoft Identity product group!

Come join the live conversation https://www.linkedin.com/events/whyyoushouldandcangopasswordles7022014357022646272/

#microsoft #security #passwordless #entra #fido2 #securitykey #identity #azuread #entra

Why you SHOULD and CAN go Passwordless Today | LinkedIn

Come talk directly with the Microsoft Identity engineering product group about how you can utilize several capabilities in the Microsoft Entra Identity platform to enable your organization to become more secure while at the same time improving user experience on the journey to being passwordless. - Understand WHY you want to move toward Passwordless - Learn about the features available on HOW you can deploy passwordless today - Live Q&A to get your questions answered

"four Christmases" is the real holiday movie we can all relate to.

#ChristmasMovies