Microsoft has added identity and access management capabilities employing GPS among other factors to its Azure Active Directory, a cloud identity solution, to counter sophisticated hacking techniques. Two-factor authentication is no longer sufficient to defend against malicious entry. The GPS-based named locations and filters look at a range of signals for authorized user access.
“People are very focused on taking advantage of identity, it’s become a classic: hackers don’t break in, they log in,” stated Microsoft chief information security officer (CISO) Bret Arsenault.
“The GPS-based named locations and filters for devices enable a new set of scenarios, such as restricting access from specific countries or regions based on GPS location and securing the use of devices from Surface Hubs to privileged access workstations,” added Vasu Jakkal, corporate vice president for Microsoft Security, Compliance and Identity in a blog post.
“An IP address may not be enough context to validate the location from which an employee is logging in, especially if that company has strict requirements for a particular application or resource,” said Microsoft Security general manager Andrew Conway.
“In these strict access scenarios,” which Microsoft has dubbed Zero Trust, “a user will receive a prompt on the Microsoft Authenticator app requesting them to share their location to confirm the country. This could be layered on top of other policies, such as requiring multi-factor authentication.”
The process is explained in an online company document, “Using the location condition in a Conditional Access policy.”
Developers’ instructions for using the feature can be read at “Conditional Access GPS-based named locations now in public preview.”
“Verifying explicitly requires the ability to make real-time access decisions based on all available information for any user trying to access any resource,” states the Jakkal post. “For us, Azure AD Conditional Access is this real-time access policy engine, which looks at all the data and signals related to the user gaining access, and today we’re announcing powerful new features that give admins more granular access controls while making it easier to control a growing list of policies. The GPS-based named locations and filters for devices enable a new set of scenarios, such as restricting access from specific countries or regions based on GPS location and securing the use of devices from Surface Hubs to privileged access workstations.”
“Hackers launch an average of 50 million password attacks every day—579 per second,” she writes in a separate blog post. “Phishing attacks have increased. Firmware attacks are on the rise, and ransomware has become incredibly problematic. And while Microsoft intercepted and thwarted a record-breaking 30 billion email threats last year, our work is never done.
“We are now actively tracking 40-plus active nation-state actors and over 140 threat groups representing 20 countries—that number used to be a handful.”
The company developed GPS-based Conditional Access in part as a response to shifting work habits as a result of the COVID pandemic. The recent SolarWinds hack was an additional stimulus, and if any further validation were required, the Continental Pipeline break-in furnished it, to the reported tune of $5 million.