, Allegra
Level: 300
Exchange; Azure; Security
Security should start by securing your tenant. Privilege Identity Management (PIM) is not only meant for Azure AD administration. You should follow the least privilege principle and don't have your administrative accounts granted permanent high permissions. If you want to hear and learn how a large company implemented PIM also to their tenant for all Exchange admins or how to create a custom role, which allows specific Exchange admins grant admin consent for ONLY a subset of OAuth 2.0 permission scopes, you are welcome.
Attendees will learn how to leverage Privilege Identity Management (PIM) and improving their security. Following the least privilege principle, attendees will learn how they can create custom roles in Azure AD using Microsoft PowerShell SDK for Microsoft Graph.