Introduction
Azure Key Vault
Azure Security Center
Single Sign-On for SaaS Applications
Public Consumer Identity Providers
Conclusion
The course is part of these learning paths
As companies race toward the cloud, it’s imperative that IT professionals keep up with the times. Keeping up with the times means maintaining the ability to deploy and maintain cloud-based solutions – particularly those offered through Microsoft Azure.
In this course, you will learn how to create and manage encryption keys in Azure, prevent and respond to security threats to Azure resources, configure access to Azure applications via single sign-on, manage access to Azure applications, and configure federation with public consumer identity providers like Facebook and Google.
Learning Objectives
- Create and import keys in the Azure Key Vault
- Define, configure, and assess security policies
- Harden Azure resources against threats
- Configure single sign-on for SaaS applications
- Configure federation with public consumer identity providers like Facebook and Google
Intended Audience
- People interested in becoming Azure security engineers
Prerequisites
- General knowledge of IT infrastructure
- General knowledge of the Azure environment
When adding an application from the Azure AD Application Gallery, you can configure authentication to leverage single sign-on. One of the single sign-on methods available is the password-based single sign-on option. Using password-based single sign-on is a great way to get an application integrated into Azure AD quickly. To configure a password-based single sign-on for an application, browse to the Azure portal, and sign in as a Global Administrator.
As you can see here, I've already done so. From within the Azure portal, click on Azure Active Directory in the left navigation menu. In the blade that opens, select Enterprise Applications. For the purposes of this demonstration, we're going to add GoToMeeting as an application, and we're going to turn on password-based single sign-on. So we click Add to add an application and select GoToMeeting. You can go ahead and click Add. And from the there, the application is added.
When we go back into Azure Active Directory and into Enterprise Applications, we can see GoToMeeting listed. To configure password-based single sign-on for this application, we simply select the application and click single sign-on. As you can see, the application by default has single sign-on disabled. To enable single sign-on, change the dropdown to password-based sign-on, and click Save. Refreshing the screen will update the sign-on URL. As an administrator, you can also provide the app credentials on behalf of your users, by going into Users and groups and updating credentials for your users.
For example, I could go ahead and select Jen here, and update Jen's credentials. And from the Update Credentials screen, I can enter Jen's email address and password, that is used to access GoToMeeting, so when she authenticates to the GoToMeeting application, she doesn't even need to know the login information. Clicking Save stores the credentials, and the next time Jen launches GoToMeeting from her application dashboard, the credentials will be presented and she won't even have to know what they are. So as you can see, leveraging password-based single sign-on makes onboarding applications into a single sign-on environment rather straightforward.
Tom is a 25+ year veteran of the IT industry, having worked in environments as large as 40k seats and as small as 50 seats. Throughout the course of a long an interesting career, he has built an in-depth skillset that spans numerous IT disciplines. Tom has designed and architected small, large, and global IT solutions.
In addition to the Cloud Platform and Infrastructure MCSE certification, Tom also carries several other Microsoft certifications. His ability to see things from a strategic perspective allows Tom to architect solutions that closely align with business needs.
In his spare time, Tom enjoys camping, fishing, and playing poker.