Security at your Front Door - How to Enable Azure Active Directory Identity Protection

Akins IT • January 19, 2018

This security feature tends to generate many WOW moments with our clients. ID Protect is the service that assesses your login, ensures you are not breaking your normal behavior patterns, that your password is not compromised on public databases and that you aren't exhibiting signs of impossible travel. Risky logins can be re-affirmed with Multi-Factor Authentication, or an automated password reset.

The telemetry, data and intelligence is already there, enabling ID Protect simply unlocks it.

Almost universally, our clients look through the alerts after enabling and discover some immediate concerns that need action. We have had:

A client detect that their CFO's login was compromised by a user in Russia, who was using mailbox access to send out bad mail requesting wire transfer funds. The CFO had no business relationships in Russia and had never travelled there.
Another client find 12 of their users had leaked credentials online. We used an automatic risk based password policy to force these users to immediately change their passwords.
Yet another client with 3000 users discover that there was a brute force campaign targeting their C-Suite.
This is all useful information that the above environments were previously oblivious to.

Azure Active Directory Identity Protection is a new capability that provides a consolidated view into suspicious sign-in activities and potential vulnerabilities and with notifications, remediation recommendations and risk-based policies that help you protect your business.

Again, the service detects suspicious activities for end user and privileged (admin) identities based on signals like brute force attacks, leaked credentials, sign ins from unfamiliar locations, infected devices, to protect against these activities in real-time. More importantly, based on these suspicious activities, a user risk severity is computed and risk-based policies can be configured and automatically protect the identities of your organization.

Contact Akins IT to setup your trial so you can assess this insight for up to 90 days and 250 users in your environment. This is a no obligation trial and does not convert automatically to a paid subscription.

Want more info on Azure AD?

Get the free whitepaper on Azure AD

Steps to enable Azure Active Directory Identity Protection:

Sign-on to your Azure portal as global administrator.
In the Azure portal, click Marketplace.

a microsoft azure dashboard with a cloud icon

3. In the applications list, click Security + Identity.

a screenshot of the marketplace with the security and identity option highlighted

4. Click Azure AD Identity Protection.

a screenshot of the azure ad identity protection page

5. On the Azure AD Identity Protectionblade, click Create.

Get the free whitepaper on Azure AD

< Older Post

Newer Post >

AWS stumbled this morning. Here’s why multi‑cloud keeps you moving.

By Shawn Akins • October 20, 2025

October 20, 2025 — Early today, Amazon Web Services experienced a major incident centered in its US‑EAST‑1 (N. Virginia) region. AWS reports the event began around 12:11 a.m. PT and tied back to DNS resolution affecting DynamoDB , with mitigation within a couple of hours and recovery continuing thereafter. As the outage rippled, popular services like Snapchat, Venmo, Ring, Roblox, Fortnite , and even some Amazon properties saw disruptions before recovering. If your apps or data are anchored to a single cloud, a morning like this can turn into a help‑desk fire drill. A multi‑cloud or cloud‑smart approach helps you ride through these moments with minimal end‑user impact. What happened (and why it matters) Single‑region fragility: US‑EAST‑1 is massive—and when it sneezes, the internet catches a cold. Incidents here have a history of wide blast radius. Shared dependencies: DNS issues to core services (like DynamoDB endpoints) can cascade across workloads that never directly “touch” that service. Multi‑cloud: practical resilience, not buzzwords For mid‑sized orgs, schools, and local government, multi‑cloud doesn’t have to mean “every app in every cloud.” It means thoughtful redundancy where it counts : Multi‑region or multi‑provider failover for critical apps Run active/standby across AWS and Azure (or another provider), or at least across two AWS regions with automated failover. Start with citizen‑facing portals, SIS/LMS access, emergency comms, and payment gateways. Portable platforms Use Kubernetes and containers, keep state externalized, and standardize infra with Terraform/Ansible so you can redeploy fast when a region (or a provider) wobbles. (Today’s DNS hiccup is exactly the kind of scenario this protects against.) Resilient data layers Replicate data asynchronously across clouds/regions; choose databases with cross‑region failover and test RPO/RTO quarterly. If you rely on a managed database tied to one region, design an escape hatch. Traffic and identity that float Use global traffic managers/DNS to shift users automatically; keep identity (MFA/SSO) highly available and not hard‑wired to a single provider’s control plane. Run the playbook Document health checks, automated cutover, and comms templates. Then practice —tabletops and live failovers. Many services today recovered within hours, but only teams with rehearsed playbooks avoided user‑visible downtime. The bottom line Cloud concentration risk is real. Outages will happen—what matters is whether your constituents, students, and staff feel it. A pragmatic multi‑cloud stance limits the blast radius and keeps your mission‑critical services online when one provider has a bad day. Need a resilience check? Akins IT can help you prioritize which systems should be multi‑cloud, design the right level of redundancy, and validate your failover plan—without overspending. Let’s start with a quick, 30‑minute review of your most critical services and RPO/RTO targets. (No slideware, just actionable next steps.)