Conditional Access for Office 365 Apps Now Commercially Released

Azure Active Directory Conditional Access support for the Office 365 suite of applications is now at the "general availability" commercial-release stage, Microsoft announced on Thursday.

The Conditional Access for Office 365 apps capability, which lets IT pros set policies before users can access applications and services, had been at the preview stage back in February. These policies can do things like block application access by "legacy" (outdated) authentication methods or require access via a managed device, or even enforce multifactor authentication (a secondary ID verification process).

Conditional Access policies will work across all Azure AD-connected applications. There's support across Android, iOS, macOS and Windows platforms.

Conditional Access policies will work across Office 365 applications such as Exchange Online, Microsoft Teams and SharePoint Online. Additionally, policies can be set for various Microsoft services. A list of the apps and services that are supported by the Azure AD Conditional Access capability is shown in this Microsoft document.

The document included a note explaining that Conditional Access policies are not set on the client. Instead, they get imposed when a service gets called.

Here's how the document explained it:

The [Conditional Access] policy is not set directly on a client (public/native) application, but is applied when a client calls a service. For example, a policy set on SharePoint service applies to the clients calling SharePoint. A policy set on Exchange applies to the attempt to access the email using Outlook client.

Microsoft argued that the policy-setting process gets simplified for IT pros when using Azure AD Conditional Access across the Office 365 suite.

"Targeting the Office 365 Suite also means you don't need to watch for new apps and manually update your policy as they become available -- Conditional Access does that for you," the announcement stated.

Using Azure AD Conditional Access requires having an Azure AD Premium P1 license at minimum, according to this Microsoft "Overview" document.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.


comments powered by Disqus

Subscribe on YouTube