Andreas Kjellman works as Chief Technical Architect for Identity Management at Knowledge Factory, which is a part of Advania. Before that he worked at Microsoft in Redmond as a Program Manager for Microsoft’s identity products, such as Forefront Identity Manager and Azure Active Directory. One could easily say that he knows his way around the products for onboarding customers to the cloud. 

Today he entered the stage at Microsoft TechX and talked about “How to secure O365 with Azure AD”. Directly related to the main topics:

  • Overview – What is Azure Active Directory’s relation to Office 365
  • Secure your front door, but still allow mobility
  • Avoid user errors and unintentional leaks
  • Discover attacks and minimize damage

And then there was a topic that really got attention:

  • Andreas personal favourites what Azure AD can do (that is not directly in correlation with O365)

And here they are, Andreas Kjellmans, two must haves:

Cloud App Discovery – The crackdown on Shadow IT
Finds the SaaS apps that the company users are using, but the IT doesn´t know about.


Azure AD Domain Services – Allowing for full migrations to Cloud
It’s very common that organizations uses a on prem Azure AD for line of business applications. But with Azure AD Domain Services you can move LOBs from onprem to cloud, and still use LDAP and Kerberos.


Then there was a quick Q/A:

Q: When do I use ADFS onprem?
A: When it requires smartcard login or when you don’t have Active Directory onprem, for exampel LDAP.

Q: You talked about B2B authentication, does that also require that the partner uses Azure AD?
A: No it’s not a requirement. If it’s a social login, i.g. Google or Facebook a MS account is created for login. If they don’t have an existing tentant, a free one is created ADHOC.

Q: When is Microsoft moving all the functions to the new Azure AD portal?
A: Microsoft is moving more and more features to the new feature and they say they should be done before summer.