Azure Active Directory Premium P1 is Coming to Microsoft 365 Business

Studies have shown that more than 73% of all business departments will have remote workers by 2028. This evolving work landscape has increased the need for companies to add enhanced security measures to address the risk vectors potentially created by remote work.

Azure Active Directory Premium P1 for MS365 Business

Microsoft 365 (M365) Business, as it is known since April 21, will soon roll out features within Azure Active Directory Premium P1 that enable real-world remote work security.

These features include Cloud Application Discovery, Application Proxy, and the ability to create dynamic groups as well as password-less authentication. These upgrades will ultimately allow employees to maintain secure access to their company’s applications and files from wherever their workdays take them.

Cloud Application Discovery

Before the addition of Azure Active Directory Premium P1 licensing in M365 Business, the bring-your-own-device environment created a gray area regarding what cloud applications were being used for employee applications.

With Azure Active Directory Premium P1, the Microsoft Cloud App Security (MCAS) is poised to upload, parse and analyze traffic data logs against its catalog of more than 16,000 cloud applications, as well as export data for additional offline analysis with either snapshot or continuous reports.

These applications are then ranked and scored based on more than 80 risk vectors to create assessments and reports that are the most meaningful to your business. Set up Cloud Discovery for your team or read the Frequently Asked Questions (FAQ) about this feature first.

A Secure & User-Friendly Application Proxy

The enhanced Application Proxy function in Azure Active Directory Premium P1 is easier to implement and more secure than VPNs and reverse proxy solutions. It allows employees to securely access business-critical applications from anywhere. Remote users will access on-premises apps as they would with Office 365 and other SaaS apps integrated with Azure ID. With App Proxy, there is no need to change or update your applications.

In addition, this cost-effective upgrade will allow your workforce to access on-premises (and cloud) applications through an external URL, or an internal application portal, without having to change network infrastructure or install additional appliances in your on-premises environment. Learn more about remote access to on-premises applications with App Proxy here.

Dynamic Groups

Automate the addition and removal of users from security groups based on their attributes, and make the data gathered more meaningful to individual work departments with the Dynamic Groups feature in Azure Active Directory Premium P1. Grant access to groups, assign users to groups, set operator precedence, and set rules with complex expressions (e.g. {user.proxyAddresses -any (_ -contains “contoso”}). Learn more about creating or updating a dynamic group in Azure Active Directory here.

Password-Free Authentication

Contrary to popular thought, traditional passwords and two-factor authentication (2FA) do not guarantee security (nor convenience). Azure Active Directory Premium P1 takes the frustration out of multi-factor authentication (MFA). Password-less authentication replaces traditional, ineffective passwords with something you already have (e.g. Windows 10 device, phone, security key, etc) along with something you “are” or something you know (e.g. biometrics, PIN, etc).

Since each business is different, Azure Active Directory allows you to have up to three options for password-less authentication: Windows Hello for Business, Microsoft Authenticator app, or FIDO2 security keys. View a full comparison of all three options here.