Jussi Roine

identity management

Browse posts in this collection.

A look at the Azure Well-Architected Framework in the context of multiple Azure AD tenants


June 2, 2022

I explore how the Azure Well-Architected Framework guides modern identity management, highlighting the critical shift from fragmented on-premises directories to a unified Azure AD tenant. By examining the identity checklist and best practices, I demonstrate why centralizing identities into a single enterprise directory remains a fundamental pillar for effective cloud architecture.

Azure Lighthouse - managing customer Azure tenants as a Service Provider


July 12, 2019

If you are a managed service provider struggling to scale access across multiple customer Azure tenants, this post explains how Azure Lighthouse simplifies that process through delegated access. I walk you through the service's key benefits, such as unified management and enhanced visibility, while illustrating how it eliminates the need for cumbersome guest account invitations or separate account management.

Becoming passwordless in Microsoft 365 using Surface Go and a FIDO2 key


July 16, 2019

Discover how I leveraged my underutilized Surface Go to experiment with Microsoft 365’s new passwordless preview, replacing traditional passwords with a more secure FIDO2 security key. This post details my practical approach to setting up this modern authentication method on a Windows 10 Pro device, demonstrating how to transition away from password-based logins using hardware tokens like YubiKey.

Best Practice: Create a break-glass admin account


January 10, 2022

You might find this post valuable if you want to ensure you never lose access to your Microsoft cloud tenants during a critical identity failure. I explain the urgent need for a dedicated, cloud-only break-glass admin account and outline the specific security configurations required to keep it resilient against infrastructure outages. By following these best practices, you can safeguard your emergency access while maintaining robust protection against unauthorized use.

Discovering and blocking legacy authentication in your Azure and Microsoft 365 subscriptions


January 19, 2021

If you are concerned about the security risks posed by outdated authentication methods, this post explains why disabling legacy auth is crucial for enforcing multi-factor authentication and protecting your cloud identities. I will guide you through identifying these vulnerable protocols in Azure Portal and outline the steps to effectively block them, helping you secure your organization against credential exposure.


Jussi Roine

Microsoft MVP and consultancy founder with 30+ years of experience, passionate about Microsoft security, AI governance, and sharing what I learn along the way.


© 2026 Jussi Roine. All rights reserved.