Secure access to resources
Protect against identity compromise and help ensure only verified users and trustworthy devices can access resources.
Keep your workforce secure and productive by granting access based on contextual factors such as user, device, location, and session-risk information.
Conditional Access enables organizations to configure and fine-tune access policies with contextual factors such as user, device, location, and real-time risk information to control what a specific user can access and how and when they have access.
Conditional Access is the tool used by Azure Active Directory to bring signals together, to make decisions, and enforce organizational policies. By using Conditional Access policies, you can apply the right access controls when needed to keep your organization secure and stay out of your user's way when not needed. This security policy enforcement engine analyzes real-time signals to make security enforcement decisions at critical checkpoints. On the left side, signals from users, devices, location, applications, data labels, risk analysis, are aggregated and based on the signals and decisions are enforced. In the middle, common decisions includes block, limit, allow access or required additional steps such as MFA or password reset are determined based on signals. Once Conditional Access determines the appropriate action, it’s enforced on apps and data on the right.