Microsoft Announces General Availability of Azure AD Continuous Access Evaluation
Microsoft unveiled a new Continuous Access Evaluation (CAE) security solution for its Azure AD Conditional Access service back in October 2020. The company has recently announced that the CAE feature is generally available for enterprise customers.
With this new service, Azure Active Directory customers can securely revoke an access token and force a re-authentication of the specific user as a result of an event or a context change for CAE compatible clients. CAE support is currently available for Exchange Online, SharePoint Online, and Microsoft Teams. You can check out the full list of all supported platforms on this support page.
Microsoft says that CAE is a part of its “Azure AD Zero Trust Session Management portfolio,” and it enables customers to enforce account lifecycle events and policies such as account revocation, account disablement/deletion, password change, user location change, and user risk increase.
“With CAE, we have introduced a new concept of Zero Trust authentication session management that is built on the foundation of Zero Trust principles–Verify Explicitly and Assume Breach. With the Zero Trust approach, the authentication session lifespan now depends on session integrity rather than on a predefined duration,” the company explained.
How to migrate Continuous Access Evaluation (CAE) settings to a Conditional Access policy
IT Admins will be able to access the CAE feature under the “Session” blade menu item available on the Azure portal. For organizations that have previously configured CAE settings under “Security,” Microsoft has provided a step-by-step guide to migrate settings to a new Conditional Access policy.
- Sign in to the Azure portal and navigate to Azure Active Directory >> Security >> Continuous access evaluation.
- The Continuous access evaluation (Preview) page will show an option to Migrate your policy.
- Then, browse to “Conditional Access” and search for the “CA policy created from CAE settings.” You can either create a new policy or customize an existing Conditional Access policy (if needed).
The Continuous Access Evaluation (CAE) feature is now enabled by default for all Azure Active Directory customers. However, keep in mind that only Azure AD Premium 1 customers will be able to configure or disable CAE in their organizations.
More in Azure Active Directory
Microsoft Blocks Unmanaged Azure AD Guest Accounts
Sep 6, 2022 | Rabia Noureen
Mandiant Warns Hackers Now Use New Trick to Bypass MFA
Aug 22, 2022 | Rabia Noureen
Microsoft Adds Time-Based One-Time Passcode Support to Azure AD
Aug 18, 2022 | Rabia Noureen
Which Azure AD Connect Versions Are Currently Supported?
Aug 17, 2022 | Michael Reinders
Microsoft Entra Verified ID Service is Now Generally Available
Aug 9, 2022 | Rabia Noureen
Microsoft Releases Updates for Azure AD Certificate-Based Authentication
Jul 28, 2022 | Rabia Noureen
Most popular on petri