Privileged identity management is emerging as one of the hottest topics in cybersecurity. In this course, you’ll learn how to use Microsoft PIM to manage, control, and monitor access within Azure AD, Azure resources, and Microsoft Online Services.
Cybercriminals are relentless when it comes to finding and compromising their targets’ privileged credentials to gain unfettered access to critical assets. In this course, Implementing Microsoft Azure Privileged Identity Management, you will receive the most up-to-date knowledge on how to mitigate these security risks and achieve compliance by securing, controlling, monitoring, analyzing, and governing privileged access on Azure AD, Azure resources, and Microsoft Online Services. First, you will learn how to quickly enable Microsoft PIM in your Azure tenant along with the licensing requirements to do so. Next, you will explore the concepts of just-in-time access and just enough administration that will help you configure Microsoft PIM properly. Finally, you will get all the knowledge you need to enable workflow approval and access reviews along with some best practices that will help you properly manage PIM to meet your business needs. When you are finished with this course, you will have the skills and knowledge you need to enhance your overall security and compliance with more efficient administration and governance of privileged access.
Ammar is a Microsoft MVP specializing in Azure, Microsoft 365, and Cybersecurity. He is passionate about cloud computing and how it can change lives and transform a business.
Section Introduction Transcripts
Course Overview
Hi everyone. My name is Ammar Hasayen, and welcome to my course, Implementing Microsoft Azure Privileged Identity Management. I'm a Microsoft MVP, security expert, have a bunch of certifications, and speak at international conferences about Microsoft 365 and Azure. Most of my work these days is with cloud computing and secure infrastructure. Privileged identity management is emerging as one of the hottest topics in cybersecurity. In this course, you will learn how to use Microsoft Privileged Identity Management solution to manage, control, and monitor access within Azure AD, Azure resources, and Microsoft Online Services. Some of the major topics that we will cover include what is Microsoft Privileged Identity Management and how to enable it in your tenant, when to use just-in-time access to activate a role, how to configure approval workflow before activating that role, and how to use access reviews to mitigate the risk of said admins. By the end of this course, you will know how Microsoft Privileged Identity Management can help you mitigate the risk of compromised privileged identities in your organization. Before beginning this course, you should be familiar with Azure and Azure role-based access control. I hope you will join me on this journey to learn how to protect privileged identities, with the Implementing Azure Privileged Identity Management course, at Pluralsight.
Introducing Azure Privileged Identity Management
This is the course, Implementing Microsoft Azure Privileged Identity Management, and this module is Introducing Azure Privileged Identity Management. These are the questions that we are going to find the answers to. What is privileged identity? What is the problem and risks from using privileged identities? What is the damage from using them? And finally, what is Azure Privileged Identity Management and how can it help you?
Enabling Azure Privileged Identity Management
Enabling Azure Privileged Identity Management. Here is what you will learn in this module. You will learn what licenses you need to use PIM in your tenant and who needs licenses. You will learn which account is needed to enable PIM. And finally, I'm going to teach you some best practices that you can use immediately after enabling PIM in your tenant.
Configuring Just in Time Access
This module is Configuring Just in Time Access. Here is what you will learn in this module. I'm going to teach you what is just-in-time access, how just-in-time access works for both Azure resources and Azure Active Directory roles. I will help you understand the difference between role activation and role assignment. And we will end this module by talking about when to use just-in-time access in your environment.
Configuring Time-bound Access
Here is what you will learn in this module. I'm going to teach you what time-bound access is, and we are going to spend some time showing the differences between just-in-time access, or shared, and time-bound access. And finally, I'm going to talk about when does it make sense to use time-bound access in your tenant.
Configuring Permanent Access
This module is Configuring Permanent Access. In this module, you will learn when to use permanent access, some best practices when giving access to scripts and automation accounts, and then I'm going to teach you how to configure permanent access to virtual machines in Azure subscription.
Implementing Approval Workflows
This module is Implementing Approval Workflows. With approvals for PIM, you can configure roles to require approval for activation and choose one or multiple users or groups as delegated approvers. Keep watching to learn how the PIM approval workflow works when activating a privileged role, some considerations when dealing with approval workflows, and finally, I'm going to share with you when it makes sense to implement approval workflows.
Exploring Privileged Identity Management Roles
This module is Exploring Privileged Identity Management Roles. In this module, I'm going to show you the different Azure AD roles available for you as a PIM admin to choose from. Then, I'm going to walk you through the concept of Just Enough Administration to give people the right role for different tasks. Then, I'm going to share with you some best practices when assigning and when activating roles, and how to discover as an admin what roles are available to you to activate and what roles are currently active.
Configuring PIM Management Access
We are at the Configuring PIM Management Access. In this module, you will learn who can manage PIM in your organization, that is, who can administer the product and how you can add other PIM admins to help you manage PIM. Remember, you should always have more than one PIM admin.
Configuring PIM Access Review and Auditing
This is one of my favorite modules, Configuring PIM Access Review and Auditing. In this module, we're going to talk about two main things. First, I'm going to talk about the auditing capabilities in PIM where a user can view his own audit logs and the PIM admin can view audit logs for all admins. Then, I will introduce the PIM access review feature, which is a great feature in PIM, and I'm going to teach you how to start an access review and how to finish and complete one.