Tailwind Traders needs to ensure that only its workforce can access its growing set of cloud applications, both from any location and from any device.
In building out its plan, Tailwind Traders learns that:
- Authentication (AuthN) establishes the user's identity.
- Authorization (AuthZ) establishes the level of access that an authenticated user has.
- Single sign-on (SSO) enables a user to sign in one time and use that credential to access multiple resources and applications.
- Azure Active Directory (Azure AD) is a cloud-based identity and access management service. Azure AD enables an organization to control access to apps and resources based on its business requirements.
- Azure AD Multi-Factor Authentication provides additional security for identities by requiring two or more elements to fully authenticate. In general, multifactor authentication can include something the user knows, something the user has, and something the user is.
- Conditional Access is a tool that Azure AD uses to allow or deny access to resources based on identity signals such as the user's location.
With these ideas in place, the software development and IT administrator teams can begin to replace their existing authentication systems with ones that use multiple factors and allow access to multiple applications.
Here are more resources to help you go further: