What’s Conditional Access?

Extra support for your existing IT department to give them a much needed boost.


The cloud opens a lot of doors for organizations trying to get an edge, but the more doors that are open, the more ways there are for bad actors to get in. That’s why a massive amount of time and resources have gone into developing security measures that protect the owners of a cloud system while still providing easy, anytime, anywhere access to its apps and data. One of the primary features in use today is Conditional Access.

Conditional Access starts with the administrators of the cloud infrastructure setting policies or “conditions” that must be met for a user to be granted access. These conditions include the location of the user, what device they are using, what app they want to access, and many more obvious and subtle parameters determined by the administrators. If a user requests access to data or apps and does not meet the conditions, they will be asked for further authentication of their identity or blocked entirely.

A Simple Example:

  • A network administrator sets a policy for their company’s cloud infrastructure that includes (among many others) a condition stating users within 100 miles of the main office can access spreadsheets stored on their servers.

  • An employee travels to a conference in Hong Kong, and needs to access these spreadsheets. Since the employee is outside the acceptable range, secondary authentication is requested.

  • The employee provides these credentials, which are determined by the policy. This could be authentication on their mobile device, an additional passcode, or a variety of other verification methods.

  • A cybercriminal on the other side of the country from the main office tries to access these same spreadsheets, but since they do not meet the distance condition (and likely many other conditions) they are asked for credentials they cannot provide and are blocked.

Protects Data: Unauthorized users are locked out thanks to multiple layers of authentication.

Fortifies Office 365:
Conditional access prevents the highly shareable nature of Office 365 from becoming a liability.

Secures Intellectual Property: Besides blocking unauthorized users, share settings can be set so even authorized users can’t replicate or share proprietary information.

Fulfills HIPAA Needs: The tight control granted by conditional access meets and in some cases exceeds HIPAA requirements.

With the technology available today, policies for Conditional Access can be meticulously customizable and sophisticated. The cloud security specialists at a COUPLE of GURUS can help you develop policies that protect your organization without undermining the advantages of the cloud.