#OBTS v5.0 Improving macOS Security by Reducing Authentication Prompts - M. Morowczynski & M. Epping



For slides go to: https://objectivebythesea.org/v5/talks.html

Talk Description:
Excessive authentication prompts are a bad experience for end users and are bad from a security perspective. To make matters worse, security teams frequently try to mitigate risk by invoking even MORE MFA prompts for the user to jump through. However, leveraging modern authentication protocols like OpenID Connect and Apple’s SSO extension framework, we were able to greatly cut down on authentication prompts without sacrificing security to access resources in Azure AD/M365.

In this talk, we’ll discuss how you can locate what is generating your excessive prompts in Azure AD, how the Enterprise SSO plug-in works under the hood, and how other apps can leverage this framework. Finally, we’ll take a look at additional passwordless authentication methods you can leverage today to further improve security and the end user experience.

Speaker Bios:
Michael Epping is a Senior Product Manager in the Azure AD Engineering team at Microsoft. He is part of the customer experience team and his role is to accelerate the adoption of cloud services across enterprise customers.

Michael helps customers deploy Azure AD features and capabilities via long-term engagements that can last years, as well as working within the engineering organization as an advocate on behalf of those customers. Michael has more than 9 years of experience working with customers to deploy Microsoft products like Azure AD, Intune, and Office 365. He's spoken at various industry events, such as BSides and The Experts Conference.

Mark Morowczynski (@markmorow) is a Principal Product Manager on the customer success team in the Microsoft Identity division. He spends most of his time working with customers on their deployments of Azure Active Directory. Previously he was a Premier Field Engineer supporting Active Directory, Active Directory Federation Services and Windows Client performance.

He's spoken at various industry events such as Black Hat, Defcon Blue Team Village, Blue Team Con, GrayHat, several BSides, Microsoft Ignite, Microsoft Inspire, Microsoft MVP Summits, The Experts Conference (TEC), The Cloud Identity Summit, SANS Security Summits and TechMentor. He can frequently be found on Twitter as @markmorow arguing about baseball and making sometimes funny GIFs.

Support the Objective-See Foundation:
https://www.objective-see.org/
https://twitter.com/objective_see
https://www.patreon.com/objective_see