In the past, corporations built internal networks separated from the internet protected using classic components like firewalls, proxies, DMZs, secure zones and routing rules.
This security perimeter is slowly eroding:
- In a cloud world, companies tend to buy more and more Software-As-A-Service solutions that are hosted in the internet.
- Mobile corporate clients are now only partly inside corporate WiFi and mostly on the internet.
The new perimeter is the identity of the user and the surrounding aspects like the accessing device.
For bigger companies this is quite a challenge and this blog tries to give share some experience I gained in real-life projects.
About me
My name is Tobias Zügel. I am currently working as Lead Authentication Technologies Architect at Bayer.
My ambition is to improve end-user experience, tighten security and de-complexify architecture by enabling federation, multi-factor authentication, conditional access.
Right now, I am mostly focusing on Microsoft identity and security products: Azure AD Conditional Access, Azure AD B2B, Azure AD Application Proxy, Azure MFA, Microsoft Cloud App Security etc.