Identity and Access Management (IAM) Solutions

Lower IT costs, enhance your security and enable productivity

IT environments are ever-evolving, and difficulties in managing this have only increased over time. With the rise in BYOD (bring your own device), cloud applications, mobile apps, and the rapid growth in expectations of a mobile workforce, more devices and services need to be managed than ever before. With such a wide range of requirements and privileges required for users to function within an Enterprise organisation, ensuring your sensitive data and accounts are protected is paramount.

Having an IAM solution at the heart of your organisation, is essential in today’s modern world. Whether your organisation is looking at the initial integration of Active Directory identities with Azure AD, or looking to maximise the value of your Azure AD Premium investment, Content and Code understand the security challenges that your organisation faces helping you to deliver unparalleled business value, through innovative Identity and Access Management solutions.

The three pillars of enterprise Identity and Access Management (IAM)

Identity Management

Access Governance

Directories

Employees roles and duties can change

With the growth in the number of SaaS applications being utilised across enterprise organisation’s adoption of critical business application can suffer. With this in mind it, can be difficult to manage digital identities of your workforce. Privileges can be granted, but sometimes they will need to be revoked, to protect sensitive information with Azure AD.

Initiate, capture, manage and record digital identities

A lack of effective identity and access management can pose a significant threat risk – not only to compliance, but your organisation’s overall security. The mismanagement of digital identities, significantly increases the risk of damage to both internal, and external threats to your sensitive corporate information.

If your organisation already has an established IAM solution on-premises, Azure AD can be introduced to add similar levels of controls to your cloud applications.

Just some of the clients we have helped to transform their workplace

the nec Murphy Group Pizza Hut Restaurants Mace Group Easy Jet BBC

As the UK’s largest Office 365 partner, Content and Code have helped more than 300 clients including; Balfour Beatty, the BBC, Condé Nast, Everything Everywhere, Metro Bank, Wates Construction and Vodafone achieve their business goals with Microsoft technologies. Content and Code can help you too.

Tiered approach to Identity and Access Management

With a tiered approach to Identity and Access Management (IAM) for wherever your organisation is on its journey, Content and Code will help you understand identity and access management in the context of your organisation.

Identity Integration

Azure AD Premium

AD FS and WAP Hardening

Office 365 Extranets

Identity Integration Workshop and Concept

Integrating on-premises Active Directory Domain Services (AD DS) users with Azure AD to establish Same or Single Sign-On (SSO) is typically a prerequisite to Office 365 usage. Within the Office 365 Identity Integration workshop there are two specific routes taken to achieving a Synchronised Identity model for Office 365: Password Hash Sync (PHS) and Pass-through Authentication.

We will validate this approach during the Office 365 Identity Integration Workshop, and document the rationale in the Office 365 Identity Integration Concept. Your design will also detail your proposed Azure AD Connect topology and configuration, based on planned Office 365 and AAD feature usage.

What’s included:

  • Identity and Access Management disciplines and the Microsoft cloud
  • Office 365 Identity Model selection
  • Active Directory Domain Services
  • Identity Synchronisation with Azure AD Connect
  • Sign-on at Azure AD and Office 365
  • Active Directory Federation Services
  • Azure AD Premium Workshop and Concept

    The Content and Code, Azure Active Directory Premium (AAD-P) workshop builds upon synchronisation and sign-on designs from your Identity Integration strategy to enhance security provisions with stronger authentication, new approaches to authorisation, perimeter services and insights.

    The AAD-P workshop will introduce Azure AD technologies, align these technologies to your business problems, clarify priorities and sets out a roadmap to support deeper design and implementation work.

    What’s included:

  • Azure AD technology training
  • Aligning your business problems to Azure AD technologies
  • Complete Azure AD design work where possible, such as for Self-Service Password Reset and Cloud App Discovery
  • Provide tenant configuration information to implement all services to be used in first phase of your Identity and Access Management journey
  • Production of an Azure AD Concept document, capturing these design and configuration outcomes, and intended scope of deployment
  • Further routes to take upon completion:

    Azure AD SSO to SaaS

    Azure MFA and Conditional Access Workshop, Design and Implementation

    Azure MFA Server Workshop Design and Implementation

    AD FS and WAP Hardening Workshop

    The AD FS workshop enables your organisation to create a stable hardening profile for Active Directory Federation Services (AD FS) and Web Application Proxy (WAP). By reducing the attack surface of these servers by up to sixty services, the workshop offers guidance on disabling legacy authentication protocols and related best practices.

    This workshop will help your operational and security stakeholders find the right balance between opportunities to disable unnecessary functionality, and potentially breaking necessary functionality that non-default applications and services require. Content and Code will provide the completed “hardening tool”, which generates scripts to apply this configuration to your AD FS and WAP servers.

    What’s included:

  • Review non-default applications and services on standard builds
  • Review typical uses of Windows services
  • Identify opportunities to restrict legacy authentication protocols
  • Reach agreements on service configuration where the effects of disabling the service may be unknown
  • Provide tooling that can be directly used to harden servers
  • Office 365 Extranet Workshop and Design

    The Content and Code Office 365 Extranet Workshop readies your organisation to safely share corporate information with external parties such as suppliers, vendors, partners and customers. This workshop unveils the effects of administrative options at the Office 365 tenant scope, within Azure AD B2B, SharePoint Online administration and at the Site Collection level.

    Beyond these controls, there is a focus on the Identity and Access Management considerations that your organisation has taken to create and manage external accounts for external organisations, or to trust those organisations to handle account management for their own users.

    What’s included:

  • Overview of Azure AD B2B and SharePoint Online external sharing controls at the tenant scope, within SharePoint Online administration and at the Site Collection level
  • Provide an overview of the options to control Yammer External Messaging and Yammer External Networks, and compare these capabilities to SharePoint Online external sharing
  • Pros and cons of collaborating with external accounts that have been created in your own Azure Active Directory, versus trusting accounts from another organisation’s Azure AD tenant, and the implications of sharing with consumer identities
  • Produce an Office 365 extranet Design document for your organisation
  • Ensure your organisation’s digital identities are protected Speak to Content and Code today about identity-driven, IAM solutions.

    Latest insights into Office 365 

    Microsoft Partner of the Year Awards 2019

    Content and Code (an IT Lab Group Company) recognised as finalist for 2019 Microsoft Customer Experience and Modern Workplace Transformation Awards respectively. Content and Code (an IT Lab Group Company) are today delighted to announce that we have been named...

    read more

    Accessibility – Inclusion For Everyone

    Over 10 million people in the UK are registered as disabled. More than one billion people around the world need assistive products to enable independence and productivity. The shocking reality is that only 1 in 10 people actually have access to these kinds of...

    read more