Azure AD news from Microsoft Ignite 2017

Azure AD related announcements from Microsoft Ignite, the majority is mentioned in Microsoft’s Secure Blog — I will try to update the list with links to technical documentation on Microsoft Docs.

• PTA and S-SSO go GA
• New IdP’s for B2B coming soon, including Google ID!
• Cloud App Security integration for AAD Conditional Access to extend session limits (e.g. prevent downloads on box.com)
• AAD adds support for 3rd party MFA provider RSA, Duo and Trusona
• New Azure AD governance partner Saviynt and Omada (SailPoint is available for quite a while)
• AAD PIM adds support for Azure RBAC
• New Access Review feature for AAD (Known from PIM, now extended for group members, application access, user access, guest access, self defined controls)
• New Terms of Use feature which can be enforced via conditional access
• Conditional access for AIP protected documents
• Conditional access adds support to select locations by country (e.g. don’t enforce MFA if request comes from a German IP)
• Phone Sign In will come to Azure AD soon (Known from personal Microsoft Accounts)
• Microsoft is heavily contributing to FIDO 2.0