“What If”…Conditional Access was Simpler?
Azure AD’s Conditional Access Policies (CAPs) are traditionally set up and monitored on a group basis. Usually, knowing what’s happening on the scale of a single user requires them to actually tell you about it. As a result, it’s a clunky process.
A new tool from Microsoft, however, just might change that dynamic entirely. What If, currently in Public Preview, gives you an in-depth review of how CAPs apply to specific users.
Whereas CAPs allow you to order “If this occurs, then do this,” What If allows you to ask “What if this user does this?” This functionality allows you to see how your policies affect a particular user in specific environments—without needing to hear from the user themselves.
Not only does the tool show which policies apply to a user, but also shows which ones don’t—and why. If a CAP isn’t impacting a user in the intended way, What If should help clarify any issues. Running simulations can also help you check your work, rooting out any potential issues before they arise.
If the released tool works as promised, this access to more information and lessened reliance on user feedback will be a boost to efficiency. And hey, anything that delivers easier conditional access management is a winner in our book.
To read the full announcement from Microsoft’s Alex Simons (@Alex_A_Simons), it can be found here. Since the tool is still in Public Preview, they’re still soliciting suggestions and feedback—so if you’re curious, go check it out.