常用条件访问策略Common Conditional Access policies

安全默认值很好,但是对于许多组织而言,需要比这些策略提供的更高的灵活性。Security defaults are great for some but many organizations need more flexibility than they offer. 例如,许多组织都需要能够从需要多重身份验证的条件访问策略中排除特定帐户,如其紧急访问帐户或不受限管理帐户。For example, many need the ability to exclude specific accounts like their emergency access or break-glass administration accounts from Conditional Access policies requiring multi-factor authentication. 对于这些组织,可以使用本文中提到的常用策略。For those organizations, the common policies referenced in this article can be of use.

Azure 门户中的条件访问策略

紧急访问帐户Emergency access accounts

有关紧急访问帐户及其重要原因的详细信息,请参阅以下文章:More information about emergency access accounts and why they are important can be found in the following articles:

组织部署的典型策略Typical policies deployed by organizations

其他策略Additional policies

后续步骤Next steps