In this post we are discussing how to configure How to use Microsoft Entra Conditional Access in Edge for Business to Restrict Access to Compliant Devices. We all know that nowadays cybersecurity is very high so in this situation we need to secure our organization. In this case especially using a Zero Trust approach make sure everything is secure.
The Microsoft Edge for Business is designed to protect the need by providing a secure environment through an enterprise browser built with AI-powered security and Zero Trust principles. It helps organizations protect users, devices, and data by verifying every request, even within networks.
Also when it comes browser security, Microsoft Entra Conditional Access, when used with Microsoft Edge for Business, helps protect company data by making sure only safe, approved devices and users can access company apps and files. The system is using Microsoft Entra rules to block access from devices that aren’t safe or don’t follow company rules, to keep important company data protected.
Edge for Business works with this system to enforce these checks through the browser, making it easier for companies to keep data safe without slowing down employees. So in this post we can look into a overview of how to Configure Microsoft Entra Conditional Access for Edge for Business to Restrict Access to Compliant Devices.
Table of Contents
How to use Microsoft Entra Conditional Access in Edge for Business to Restrict Access to Compliant Devices
Microsoft Edge for Business is a secure browser built for organizations, combining a familiar Chromium base with advanced Microsoft security and data protection. Microsoft Entra Conditional Access, a powerful security feature designed to protect enterprise resources. Previously known as Azure Active Directory (Azure AD).
- Microsoft Edge for Business always support Zero trust, which means it never automatically trusts any user or device.
- Microsoft Entra Conditional Access plays a crucial role in this setup. It adds a powerful layer of protection by verifying each sign-in based on multiple signals.
- Zero trust will never trust anthing it always verify every access but in the conditional access it control who can access devices in the organization resourses.
- Microsoft Ege take some extra steps for protecting the browser such as smart screens.
- Entra Conditional Access is Central to Secure Microsoft 365 – A Brief Analysis
- How to use Entra Require App Protection Policy in Conditional Access for Secure Access
- EntraOps Privileged EAM Automate Tiered Access Model for Conditional Access and Administrative Units
Identity Signals to Enforce Access Policies
When someone signs into Microsoft Edge with their Microsoft Entra ID, the browser checks if their device follows the company’s security rules. This check happens automatically for both work and personal devices. If the device doesn’t meet the required standards, access to company cloud services is blocked, and the user sees a clear error message.
- In the below image you can see that it shows a Microsoft sign-in error message that appears when a user tries to access a protected application using an unsupported device or browser configuration.
| Error Message |
|---|
| Here you can see that, a user is trying to sign in to a secure application and getting a Error Message “You can’t get there from here”. |
| The error message indicates the access is blocked because the device or application being used does not meet security requirements. |
| It denied access because the application contains sensitive information and can only be accessed from: Devices or applications that follow the FederatedTenant management compliance policy, which ensures they meet company security standards. Also, Microsoft Edge with the correct work or school account signed in. |
Need Further Assistance or Have Technical Questions?
Join the LinkedIn Page and Telegram group to get the latest step-by-step guides and news updates. Join our Meetup Page to participate in User group meetings. Also, Join the WhatsApp Community to get the latest news on Microsoft Technologies. We are there on Reddit as well.
Resources
Author
Anoop C Nair has been Microsoft MVP for 10 consecutive years from 2015 onwards. He is a Workplace Solution Architect with more than 22+ years of experience in Workplace technologies. He is a Blogger, Speaker, and Local User Group Community leader. His primary focus is on Device Management technologies like SCCM and Intune. He writes about technologies like Intune, SCCM, Windows, Cloud PC, Windows, Entra, Microsoft Security, Career, etc.