Skip to content

Commit

Permalink
Zero trust identity-device policy article renames
Browse files Browse the repository at this point in the history
  • Loading branch information
@chrisda
chrisda committed Oct 10, 2023
1 parent 50c47c8 commit 979a5be
Show file tree
Hide file tree
Showing 47 changed files with 219 additions and 222 deletions.
14 changes: 7 additions & 7 deletions .openpublishing.redirection.enterprise.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -752,37 +752,37 @@
},
{
"source_path":"microsoft-365/enterprise/microsoft-365-policies-configurations.md",
"redirect_url":"/microsoft-365/security/office-365-security/microsoft-365-policies-configurations",
"redirect_url":"/microsoft-365/security/office-365-security/zero-trust-identity-device-access-policies-overview",
"redirect_document_id":false
},
{
"source_path":"microsoft-365/enterprise/identity-access-prerequisites.md",
"redirect_url":"/microsoft-365/security/office-365-security/identity-access-prerequisites",
"redirect_url":"/microsoft-365/security/office-365-security/zero-trust-identity-device-access-policies-prereq",
"redirect_document_id":false
},
{
"source_path":"microsoft-365/enterprise/identity-access-policies.md",
"redirect_url":"/microsoft-365/security/office-365-security/identity-access-policies",
"redirect_url":"/microsoft-365/security/office-365-security/zero-trust-identity-device-access-policies-common",
"redirect_document_id":false
},
{
"source_path":"microsoft-365/enterprise/identity-access-policies-guest-access.md",
"redirect_url":"/microsoft-365/security/office-365-security/identity-access-policies-guest-access",
"redirect_url":"/microsoft-365/security/office-365-security/zero-trust-identity-device-access-policies-guest-access",
"redirect_document_id":false
},
{
"source_path":"microsoft-365/enterprise/teams-access-policies.md",
"redirect_url":"/microsoft-365/security/office-365-security/teams-access-policies",
"redirect_url":"/microsoft-365/security/office-365-security/zero-trust-identity-device-access-policies-teams",
"redirect_document_id":false
},
{
"source_path":"microsoft-365/enterprise/secure-email-recommended-policies.md",
"redirect_url":"/microsoft-365/security/office-365-security/secure-email-recommended-policies",
"redirect_url":"/microsoft-365/security/office-365-security/zero-trust-identity-device-access-policies-exchange",
"redirect_document_id":false
},
{
"source_path":"microsoft-365/enterprise/sharepoint-file-access-policies.md",
"redirect_url":"/microsoft-365/security/office-365-security/sharepoint-file-access-policies",
"redirect_url":"/microsoft-365/security/office-365-security/zero-trust-identity-device-access-policies-sharepoint",
"redirect_document_id":false
},
{
Expand Down
2 changes: 1 addition & 1 deletion .openpublishing.redirection.solutions.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@
},
{
"source_path":"microsoft-365/solutions/configure-secure-access.md",
"redirect_url":"/microsoft-365/security/office-365-security/microsoft-365-policies-configurations",
"redirect_url":"/microsoft-365/security/office-365-security/zero-trust-identity-device-access-policies-overview",
"redirect_document_id":true
},
{
Expand Down
2 changes: 1 addition & 1 deletion ...-365/admin/security-and-compliance/multi-factor-authentication-microsoft-365.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -122,7 +122,7 @@ For more information, see this [overview of Conditional Access](/azure/active-di

### Azure AD Identity Protection

With Azure AD Identity Protection, you can create an additional Conditional Access policy to [require MFA when sign-in risk is medium or high](../../security/office-365-security/identity-access-policies.md#require-mfa-based-on-sign-in-risk).
With Azure AD Identity Protection, you can create an additional Conditional Access policy to [require MFA when sign-in risk is medium or high](../../security/office-365-security/zero-trust-identity-device-access-policies-common.md#require-mfa-based-on-sign-in-risk).

You can use Azure AD Identity Protection and risk-based Conditional Access policies with:

Expand Down
8 changes: 4 additions & 4 deletions microsoft-365/enterprise/cloud-only-prereqs-m365-test-environment.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,9 +22,9 @@ description: Create a Microsoft 365 environment to test identity and device acce

*This Test Lab Guide can only be used for Microsoft 365 for enterprise test environments.*

[Identity and device access configurations](../security/office-365-security/microsoft-365-policies-configurations.md) are a set of recommended configurations and conditional access policies to protect access to all services that are integrated with Azure Active Directory (Azure AD).
[Identity and device access configurations](../security/office-365-security/zero-trust-identity-device-access-policies-overview.md) are a set of recommended configurations and conditional access policies to protect access to all services that are integrated with Azure Active Directory (Azure AD).

This article describes how to configure a Microsoft 365 test environment that meets the requirements of the [cloud only prerequisite configuration](../security/office-365-security/identity-access-prerequisites.md#prerequisites) for identity and device access.
This article describes how to configure a Microsoft 365 test environment that meets the requirements of the [cloud only prerequisite configuration](../security/office-365-security/zero-trust-identity-device-access-policies-prereq.md#prerequisites) for identity and device access.

There are eight phases to setting up this test environment:

Expand Down Expand Up @@ -106,11 +106,11 @@ For Skype for Business Online:
Get-CsOAuthConfiguration
```

The result is a test environment that meets the requirements of the [cloud-only prerequisite configuration](../security/office-365-security/identity-access-prerequisites.md#prerequisites) for identity and device access.
The result is a test environment that meets the requirements of the [cloud-only prerequisite configuration](../security/office-365-security/zero-trust-identity-device-access-policies-prereq.md#prerequisites) for identity and device access.

## Next step

Use [Common identity and device access policies](../security/office-365-security/identity-access-policies.md) to configure the policies that build on the prerequisites and protect identities and devices.
Use [Common identity and device access policies](../security/office-365-security/zero-trust-identity-device-access-policies-common.md) to configure the policies that build on the prerequisites and protect identities and devices.

## See also

Expand Down
2 changes: 1 addition & 1 deletion microsoft-365/enterprise/contoso-identity.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@ Here's the server running Azure AD Connect polling the Contoso AD DS forest for

## Conditional Access policies for Zero Trust identity and device access

Contoso created a set of Azure AD and Intune [Conditional Access policies](../security/office-365-security/identity-access-policies.md) for three protection levels:
Contoso created a set of Azure AD and Intune [Conditional Access policies](../security/office-365-security/zero-trust-identity-device-access-policies-common.md) for three protection levels:

- *Starting point* protections apply to all user accounts.
- *Enterprise* protections apply to senior leadership and executive staff.
Expand Down
6 changes: 3 additions & 3 deletions microsoft-365/enterprise/contoso-info-protect.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,9 +73,9 @@ Contoso followed these steps to prepare Microsoft 365 for enterprise for their i

As part of their rollout of Exchange Online and SharePoint, Contoso configured the following set of Conditional Access policies and applied them to the appropriate groups:

- [Managed and unmanaged application access on devices policies](../security/office-365-security/identity-access-policies.md)
- [Exchange Online access policies](../security/office-365-security/secure-email-recommended-policies.md)
- [SharePoint access policies](../security/office-365-security/sharepoint-file-access-policies.md)
- [Managed and unmanaged application access on devices policies](../security/office-365-security/zero-trust-identity-device-access-policies-common.md)
- [Exchange Online access policies](../security/office-365-security/zero-trust-identity-device-access-policies-exchange.md)
- [SharePoint access policies](../security/office-365-security/zero-trust-identity-device-access-policies-sharepoint.md)

Here's resulting set of Contoso policies for information protection.

Expand Down
2 changes: 1 addition & 1 deletion microsoft-365/enterprise/contoso-security-summary.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,7 @@ To follow security best practices and Microsoft 365 for enterprise deployment re

- Safer device and application access with Conditional Access policies

Contoso is using [Conditional Access policies](../security/office-365-security/microsoft-365-policies-configurations.md) for identity, devices, Exchange Online, and SharePoint. Identity Conditional Access policies include requiring password changes for high-risk users and blocking clients from using apps that don't support modern authentication. Device policies include the definition of approved apps and requiring compliant PCs and mobile devices. Exchange Online Conditional Access policies include blocking ActiveSync clients and setting up Office 365 message encryption. SharePoint Conditional Access policies include additional protection for sensitive and highly regulated sites.
Contoso is using [Conditional Access policies](../security/office-365-security/zero-trust-identity-device-access-policies-overview.md) for identity, devices, Exchange Online, and SharePoint. Identity Conditional Access policies include requiring password changes for high-risk users and blocking clients from using apps that don't support modern authentication. Device policies include the definition of approved apps and requiring compliant PCs and mobile devices. Exchange Online Conditional Access policies include blocking ActiveSync clients and setting up Office 365 message encryption. SharePoint Conditional Access policies include additional protection for sensitive and highly regulated sites.

- Windows Hello for Business

Expand Down
6 changes: 3 additions & 3 deletions microsoft-365/enterprise/deploy-identity-solution-overview.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -136,9 +136,9 @@ To deploy your identity implementation:
### Identity and device access recommendations
To help ensure a secure and productive workforce, Microsoft provides a set of recommendations for [identity and device access](../security/office-365-security/microsoft-365-policies-configurations.md). For identity, use the recommendations and settings in these articles:
To help ensure a secure and productive workforce, Microsoft provides a set of recommendations for [identity and device access](../security/office-365-security/zero-trust-identity-device-access-policies-overview.md). For identity, use the recommendations and settings in these articles:
- [Prerequisites](../security/office-365-security/identity-access-prerequisites.md)
- [Common identity and device access policies](../security/office-365-security/identity-access-policies.md)
- [Prerequisites](../security/office-365-security/zero-trust-identity-device-access-policies-prereq.md)
- [Common identity and device access policies](../security/office-365-security/zero-trust-identity-device-access-policies-common.md)
-->
2 changes: 1 addition & 1 deletion microsoft-365/enterprise/desktop-deployment-center-home.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ Use these resources to deploy modern desktops:
- [Windows 10 deployment](/windows/deployment/)
- [Deploy Microsoft 365 Apps](/deployoffice/deployment-guide-microsoft-365-apps)
- [Microsoft Intune](/mem/intune/fundamentals/planning-guide)
- [Identity and device access policies](../security/office-365-security/microsoft-365-policies-configurations.md)
- [Identity and device access policies](../security/office-365-security/zero-trust-identity-device-access-policies-overview.md)

You can also view the [Desktop Deployment series videos from Microsoft Mechanics](https://www.aka.ms/watchhowtoshift).

Expand Down
6 changes: 3 additions & 3 deletions microsoft-365/enterprise/device-management-roadmap-microsoft-365.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,10 +49,10 @@ Based on your assessment, get started managing your devices with:

## Identity and device access recommendations

Microsoft provides a set of recommendations for [identity and device access](../security/office-365-security/microsoft-365-policies-configurations.md) to ensure a secure and productive workforce. For device access, use the recommendations and settings in these articles:
Microsoft provides a set of recommendations for [identity and device access](../security/office-365-security/zero-trust-identity-device-access-policies-overview.md) to ensure a secure and productive workforce. For device access, use the recommendations and settings in these articles:

- [Prerequisites](../security/office-365-security/identity-access-prerequisites.md)
- [Common identity and device access policies](../security/office-365-security/identity-access-policies.md)
- [Prerequisites](../security/office-365-security/zero-trust-identity-device-access-policies-prereq.md)
- [Common identity and device access policies](../security/office-365-security/zero-trust-identity-device-access-policies-common.md)

## How Contoso did device management for Microsoft 365

Expand Down
4 changes: 2 additions & 2 deletions microsoft-365/enterprise/identity-device-access-m365-test-environment.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ description: Create a Microsoft 365 environment to test identity and device acce

*This Test Lab Guide can only be used for Microsoft 365 for enterprise test environments.*

[Identity and device access configurations](../security/office-365-security/microsoft-365-policies-configurations.md) are a set of recommended configurations and conditional access policies to protect access to all services that are integrated with Azure Active Directory (Azure AD).
[Identity and device access configurations](../security/office-365-security/zero-trust-identity-device-access-policies-overview.md) are a set of recommended configurations and conditional access policies to protect access to all services that are integrated with Azure Active Directory (Azure AD).

To create a test environment that has the common identity and device access configurations in place:

Expand All @@ -32,7 +32,7 @@ To create a test environment that has the common identity and device access conf
- [Password hash synchronization (PHS)](phs-prereqs-m365-test-environment.md)
- [Pass-through authentication (PTA)](pta-prereqs-m365-test-environment.md)

2. Use [Common identity and device access policies](../security/office-365-security/identity-access-policies.md) to configure the policies that build on the prerequisites configured for your test environment and explore and verify protection for identities and devices.
2. Use [Common identity and device access policies](../security/office-365-security/zero-trust-identity-device-access-policies-common.md) to configure the policies that build on the prerequisites configured for your test environment and explore and verify protection for identities and devices.

## See also

Expand Down
2 changes: 1 addition & 1 deletion ...rprise/increased-o365-security-microsoft-365-enterprise-dev-test-environment.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ In this phase, you enable increased Microsoft 365 security for your Microsoft 36

### Configure SharePoint Online to block apps that don't support modern authentication

Apps that do not support modern authentication cannot have [identity and device access configurations](../security/office-365-security/microsoft-365-policies-configurations.md) applied to them, which is an important element of securing your Microsoft 365 subscription and its digital assets.
Apps that do not support modern authentication cannot have [identity and device access configurations](../security/office-365-security/zero-trust-identity-device-access-policies-overview.md) applied to them, which is an important element of securing your Microsoft 365 subscription and its digital assets.

1. Go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">Microsoft 365 admin center</a> and sign in to your Microsoft 365 test lab subscription with your global administrator account.

Expand Down
4 changes: 2 additions & 2 deletions microsoft-365/enterprise/microsoft-365-secure-sign-in.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -122,7 +122,7 @@ Identity and device access policies are defined to be used in three tiers:

These tiers and their corresponding configurations provide consistent levels of protection across your data, identities, and devices.

Microsoft highly recommends configuring and rolling out Zero Trust identity and device access policies in your organization, including specific settings for Microsoft Teams, Exchange Online, and SharePoint. For more information, see [Zero Trust identity and device access configurations](../security/office-365-security/microsoft-365-policies-configurations.md).
Microsoft highly recommends configuring and rolling out Zero Trust identity and device access policies in your organization, including specific settings for Microsoft Teams, Exchange Online, and SharePoint. For more information, see [Zero Trust identity and device access configurations](../security/office-365-security/zero-trust-identity-device-access-policies-overview.md).

## Azure AD Identity Protection

Expand All @@ -147,7 +147,7 @@ See the [steps to enable Azure AD Identity Protection](/azure/active-directory/i
- [Deploy identity for Microsoft 365](deploy-identity-solution-overview.md)
- [Azure Academy Azure AD training videos](https://www.youtube.com/watch?v=pN8o0owHfI0&list=PL-V4YVm6AmwUFpC3rXr2i2piRQ708q_ia)
- [Configure the Azure AD Multi-Factor Authentication registration policy](/azure/active-directory/identity-protection/howto-identity-protection-configure-mfa-policy)
- [Identity and device access configurations](../security/office-365-security/microsoft-365-policies-configurations.md)
- [Identity and device access configurations](../security/office-365-security/zero-trust-identity-device-access-policies-overview.md)

## Next step

Expand Down
8 changes: 4 additions & 4 deletions microsoft-365/enterprise/phs-prereqs-m365-test-environment.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,9 +22,9 @@ description: Create a Microsoft 365 environment to test identity and device acce

*This Test Lab Guide can only be used for Microsoft 365 for enterprise test environments.*

[Identity and device access configurations](../security/office-365-security/microsoft-365-policies-configurations.md) are a set of configurations and conditional access policies to protect access to all services in Microsoft 365 for enterprise that are integrated with Azure Active Directory (Azure AD).
[Identity and device access configurations](../security/office-365-security/zero-trust-identity-device-access-policies-overview.md) are a set of configurations and conditional access policies to protect access to all services in Microsoft 365 for enterprise that are integrated with Azure Active Directory (Azure AD).

This article describes how to configure a Microsoft 365 test environment that meets the requirements of the [hybrid with password hash sync authentication prerequisite configuration](../security/office-365-security/identity-access-prerequisites.md#prerequisites) for identity and device access.
This article describes how to configure a Microsoft 365 test environment that meets the requirements of the [hybrid with password hash sync authentication prerequisite configuration](../security/office-365-security/zero-trust-identity-device-access-policies-prereq.md#prerequisites) for identity and device access.

There are ten phases to setting up this test environment:

Expand Down Expand Up @@ -116,11 +116,11 @@ For Skype for Business Online:
Get-CsOAuthConfiguration
```

The result is a test environment that meets the requirements of the [Active Directory with password hash sync prerequisite configuration](../security/office-365-security/identity-access-prerequisites.md#prerequisites) for identity and device access.
The result is a test environment that meets the requirements of the [Active Directory with password hash sync prerequisite configuration](../security/office-365-security/zero-trust-identity-device-access-policies-prereq.md#prerequisites) for identity and device access.

## Next step

Use [Common identity and device access policies](../security/office-365-security/identity-access-policies.md) to configure the policies that build on the prerequisites and protect identities and devices.
Use [Common identity and device access policies](../security/office-365-security/zero-trust-identity-device-access-policies-common.md) to configure the policies that build on the prerequisites and protect identities and devices.

## See also

Expand Down
Loading

0 comments on commit 979a5be

Please sign in to comment.