Enforce access policies for teams while maintaining permissions to on-prem apps without code changes. Start managing groups and users in the cloud with Microsoft Entra ID. https://lnkd.in/g7nW-Ksn Strengthen your security posture by moving groups and users from Active Directory to Microsoft Entra. This gives you seamless access for your teams, stronger authentication with MFA and passwordless options, and centralized visibility into risks across your environment. Simplify hybrid identity management by reducing dual overhead, prioritizing key groups, migrating users without disruption, and automating policies with Graph or PowerShell. #IDGovernance #microsoftsecurity #azureactivedirectory #microsoftentraid #entra #microsoft
-
Migrate your critical AD groups to the cloud to secure access to important apps. See how to make Microsoft Entra the source of authority. https://lnkd.in/g7nW-Ksn Strengthen your security posture by moving groups and users from Active Directory to Microsoft Entra. This gives you seamless access for your teams, stronger authentication with MFA and passwordless options, and centralized visibility into risks across your environment. Simplify hybrid identity management by reducing dual overhead, prioritizing key groups, migrating users without disruption, and automating policies with Graph or PowerShell. #IDGovernance #microsoftsecurity #azureactivedirectory #microsoftentraid #entra #microsoft
-
This is an excellent capability. RDP is an exposure everywhere, and any time it can be controlled via strong identity and MFA, jump on that. This will make cloud server management more secure. We need something similar for on premise.
Microsoft MVP 🏆| MCT🔥| Nerdio NVP | Microsoft Azure Certified Solutions Architect Expert | Principal Cloud Architect 👨💼 | Helping you to understand the Microsoft Cloud! | Deepen your knowledge - Follow me! 😁
🚀 New Preview Feature: Entra ID–Based RDP Login to Azure VMs (via Bastion!)

Microsoft just introduced a major upgrade to remote administration in Azure — and it’s now available in public preview: You can now authenticate to Windows VMs over RDP using Microsoft Entra ID… directly through Azure Bastion.

No local accounts. No passwords. No public IPs. No open port 3389.

Just identity-based, Zero Trust–aligned access in the browser. This is a big shift in how secure VM access is done in Azure.

---

🆕 What’s new in this preview?

Azure Bastion now supports Microsoft Entra ID authentication for RDP sessions. When the required roles and the AADLoginForWindows extension are in place:

- Virtual Machine Administrator Login
- Virtual Machine User Login

…Entra ID becomes the default authentication method in Bastion.

This unlocks:

✔️ True identity-based RDP access
✔️ Enforcement of Conditional Access policies
✔️ Consistent sign-in experience across Azure resources
✔️ Strong alignment with Zero Trust principles

---

🔐 Why this matters

Traditional RDP relies on local accounts or domain credentials and typically requires exposed ports or jump hosts. With this preview:

- RDP runs over port 443 through Bastion
- VMs stay fully isolated from the internet
- No client tools or agents are required
- Access is managed entirely through Entra ID

This is the direction secure cloud management is headed.

---

🛠 What you need to enable it

To use the new Entra ID RDP login:

- A Bastion host deployed in the VM’s VNet (Standard SKU or higher for custom ports)
- A Windows VM in that VNet
- The AADLoginForWindows extension enabled
- One of the required Entra roles assigned
- Reader permissions on VM, NIC, VNet, and Bastion

---

▶️ How to connect

1. Open your VM in the Azure Portal
2. Select Connect → Bastion
3. Choose RDP + Microsoft Entra ID (Preview)
4. Click Connect — your session launches instantly in the browser

No open RDP port. No jump box. No password prompts. Just clean, secure, identity-driven access.

---

If you haven’t tested this preview yet, it’s absolutely worth trying. This feature pushes Azure VM administration even further toward a passwordless, Zero Trust, identity-first model — and that’s a win for every cloud environment.

#MicrosoftEntra #AzureBastion #AzureSecurity #RDP #ZeroTrust #CloudAdministration #Azure #AVD
-
Azure Tenant vs Subscription vs Landing Zone (Plain English)

These three Azure terms are often used interchangeably — but they mean very different things.

Tenant
👉 Your organization’s identity boundary
Users, groups, authentication, trust live here.

Subscription
👉 Where resources run and costs are tracked
Used to separate environments, teams, and billing.

Landing Zone
👉 A pre-configured subscription
Security, identity, networking, logging, and governance are already in place so teams can deploy safely.

Think of it this way:
a) Tenant = the company
b) Subscription = departments or cost centers
c) Landing Zone = a ready-to-use, secured environment

If you’ve standardized identity, RBAC, policies, and networking, you already have a landing zone — even if you don’t call it that.

#Azure #CloudEngineering #PlatformEngineering #DevSecOps #AzureLandingZone
-
Azure Bastion

Bastion provides secure and seamless RDP and SSH connectivity to your virtual machines directly from the Azure portal using Transport Layer Security (TLS).

Key benefits of Azure Bastion:
- RDP and SSH directly in Azure portal
- Remote session over TLS and firewall traversal for RDP/SSH
- No Public IP required on the Azure VM
- No hassle managing NSGs
- Protection against port scanning

Azure Bastion offers four SKU (Stock-Keeping Unit) plan tiers — "Developer, Basic, Standard, and Premium"

* Developer (Free): Offers basic private RDP/SSH access, no scaling, limited features like no peered network access.
* Basic: Cost-effective, same-VNet connections, concurrent sessions, basic features. Limited to 2 instances.
* Standard: Most use cases, offering flexibility and scaling, VNet peering, File Transfer/Copy-Paste. Supports multiple instances (host scaling) for more connections.
* Premium: For enterprise needs, highest capability. Standard features plus session recording, high concurrency File Transfer/Copy-Paste.

#SC-900 #Microsoft Microsoft Learn
-
🚨 New Medium Post 🚨

Managing client secrets & certificates for Azure services is an operational headache that often leads to security gaps. And, Azure Workload Identity in AKS is a great solution to this issue. However, did you know that you can actually implement Azure Workload Identity on a non-AKS cluster?

I recently implemented Azure Workload Identity on my self-managed OpenShift 4.20 cluster to achieve secretless authentication for tools like the External Secrets Operator (it connects to Azure Key Vault without app registration credentials).

By configuring a custom OIDC issuer and the workload identity webhook, pods can now securely access Azure services without any static credentials like a client certificate or client secret. This approach significantly reduces maintenance overhead while aligning with modern security best practices for Kubernetes workloads.

The link to this Medium post is in the comments!
-
The Future of Secure Access Control with Microsoft Entra ID!

Formerly Azure AD, Microsoft Entra ID enhances identity and access management across Microsoft 365 and cloud platforms.

Pros:
✅ Single sign-on (SSO) for seamless access
✅ Multi-factor authentication for stronger security
✅ Conditional access policies to reduce risk

Cons:
❌ Requires proper configuration to avoid lockouts
❌ Licensing needed for full feature set
❌ May be complex for smaller IT teams

Why Consider It?
TBIG configures Microsoft Entra ID to ensure secure access to cloud apps and services without compromising usability.

Protect identity at every login! TBIG implements Microsoft identity tools with expert configuration and support ... Contact us today to find out more!

📞 011 822 4353 | 🌐 www.tbig.co.za
#TBIGTechTuesdays
-
A New Year’s Resolution for IT Leaders: Retire Your Active Directory Servers

I know—this is a tall order. Active Directory has been the backbone of enterprise identity for decades, and for many organizations it still “works.” But if you’re still running on-prem AD servers, 2026 is a good time to seriously question why.

On-prem identity infrastructure:
- Increases your attack surface
- Requires constant patching and care
- Creates unnecessary dependency on legacy architecture
- Slows down modern security initiatives like Zero Trust and conditional access

Cloud identity platforms like Microsoft Entra ID, Okta, and others weren’t built as bolt-ons—they were built for how we work now: remote, SaaS-heavy, identity-centric.

This doesn’t mean a reckless rip-and-replace. Hybrid transitions are often the right first step. But the direction matters.

If identity is your new perimeter, ask yourself: Why is it still living in a server rack?

Food for thought as we head into the new year.