RSMUS.comIn today’s digital age, securing access to resources and data is more important than ever. Microsoft’s Global Secure Access offers a comprehensive solution, addressing several key areas in the realm of secure access. This post will delve into three major aspects: Security Service Edge (SSE), replacing legacy VPN solutions, and providing Multi-Factor Authentication (MFA) for Remote Desktop Protocol (RDP) sessions via Conditional Access.
An Overview of Security Service Edge (SSE)
Security Service Edge (SSE) is a convergence of network, identity, and endpoint access controls delivered from a purpose-built cloud platform. It enables and orchestrates access policy management for employees, business partners, and digital workloads.
SSE leverages Microsoft’s vast global network to minimize latency and boost employee productivity with fast and seamless access to apps and resources. Built on Zero Trust principles, this easy-to-deploy SSE solution protects against threats with comprehensive, cloud-delivered security services.
Replacing Legacy VPN Solutions
Traditional network security approaches that use legacy VPNs simply cannot scale to modern demands. Once remote users connect to your corporate network through VPN, they are granted excessive access to your entire network. This can lead to security vulnerabilities, as all it takes is a single compromised user account, infected device, or open port for an attacker to gain entry.
Microsoft’s Global Secure Access, specifically Microsoft Entra Private Access, offers an identity-centric Zero Trust Network Access (ZTNA) solution. This reduces the operational complexity and cost of legacy VPNs, while eliminating excessive access and preventing lateral movement. It modernizes access to private applications and resources, helping users quickly and easily connect to private applications from any device and any network.
Providing MFA for RDP Sessions via Conditional Access
Securing remote access is a critical aspect of any organization’s security strategy. Microsoft’s Conditional Access provides a robust solution for enforcing Multi-Factor Authentication (MFA) for Remote Desktop Protocol (RDP) sessions.
Conditional Access policies can be used to enable MFA for all users. These policies can assess risk in real time using identity, device, and application signals, and apply additional network conditions to protect any apps or resources. This ensures that only authenticated and authorized users can access your resources, thereby enhancing your organization’s security posture.
Want to learn more?
For more information or to schedule a consult with RSM please reach out to Trent Chamness (trent.chamness@rsmus.com) or Jonathan Blaue (Jonathan.blaue@rsmus.com)
Trent Chamness
Summary of experience As a member of RSM’s Modern Workplace solution set, Trent is responsible for deploying security technology to encourage secure productivity, engagement, and collaboration. Trent also works closely with the Security Transformation Services at RSM to review client cloud platforms and provide recommendations for security improvement. Trent has worked on various projects with the firm including end point security, data loss prevention (DLP), identity & access management (IAM), tenant security hardening for Azure, Amazon Web Services (AWS), and Microsoft/Office 365 security assessments. Prior to joining RSM, Trent worked as an IT Support Specialist for a construction company located in Chicago, Illinois. While with his previous employers, Trent focused on improving network and systems infrastructure. Trent also has experience running network vulnerability scans and providing recommendations for how to align to various security frameworks. In his current role, Trent works with clients to help improve security posture and reduce risks associated with technology. Professional affiliations and credentials • Microsoft 365 Expert Administrator • Microsoft 365 Security Administrator • Azure Security Engineer • Azure Fundamentals Education • Bachelor of Science, Business Administration, Lewis University