Cloud-Native Identity & Device Management Test Environment

Author: Matthew Ramos

Environment Type: Homelab (Test Environment)

Tools Used: Microsoft Entra ID, Intune, Microsoft Defender for Endpoint, Power Automate, Graph API

Objective

Design and implement a cloud-native test environment that simulates enterprise-grade identity and device management using Microsoft tools. The goal was to practice and validate Zero Trust principles, enforce security baselines, automate identity provisioning, and test endpoint protection.

Implementation Breakdown

1. Identity Foundation – Microsoft Entra ID

- Created test users, security groups, and assigned roles with least privilege.
- Integrated with a custom Power Automate flow for new hire provisioning:
  - Triggered via manual approval form
  - Created Entra ID user
  - Assigned licenses and group memberships via Graph API

2. Device Management – Microsoft Intune

- Enrolled test Windows and macOS devices via Company Portal.
- Configured:
  - Compliance Policies (OS version, password requirements, encryption)
  - Configuration Profiles (BitLocker settings, Wi-Fi, macOS restrictions)
  - Endpoint security policies aligned with CIS benchmarks
- Created dynamic device groups for role-based app deployment.

3. Conditional Access

- Enforced MFA for all users via Conditional Access policy.
- Blocked access to company apps from non-compliant devices.
- Allowed only managed, compliant devices to access M365 services.

4. Endpoint Protection – Defender for Endpoint

- Integrated Defender with Intune for all enrolled Windows test VMs.
- Enabled real-time protection, cloud-based detection, and threat response.
- Simulated malware to test alerting and remediation capabilities.

Automation Highlights

- Used Power Automate and Graph API to:
  - Automate new hire identity creation and licensing
  - Assign Intune roles and policies based on department
- Improved provisioning speed and reduced manual effort
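
The provisioning sequence described in section 1 and in the automation highlights above, sketched as the Microsoft Graph v1.0 requests such a flow would send. This is an added example, not the flow built in this lab; the tenant domain, SKU id, group ids and the hire record fields are constructed placeholders, and the code only builds the requests so it runs offline.

```python
import re
import secrets

GRAPH = "https://graph.microsoft.com/v1.0"
# Constructed lab values (assumptions): tenant domain, license SKU id, department -> group id.
DOMAIN = "lab.example"
SKU_ID = "11111111-1111-1111-1111-111111111111"
DEPT_GROUPS = {
    "IT": "22222222-2222-2222-2222-222222222222",
    "Finance": "33333333-3333-3333-3333-333333333333",
}

def validate(hire):
    """Fail closed: no request is built for an incomplete or unmapped hire."""
    if hire.get("department") not in DEPT_GROUPS:
        raise ValueError("unmapped department: no default group is granted")
    # Graph rejects assignLicense when usageLocation is unset on the user.
    if not re.fullmatch(r"[A-Z]{2}", hire.get("usageLocation", "")):
        raise ValueError("usageLocation must be a two-letter country code")
    if not re.fullmatch(r"[a-z0-9.]+", hire.get("alias", "")):
        raise ValueError("alias has characters this lab does not allow in UPNs")

def create_user_request(hire):
    """Step 1: POST /users with a one-time password the user must change."""
    validate(hire)
    body = {
        "accountEnabled": True,
        "displayName": hire["displayName"],
        "mailNickname": hire["alias"],
        "userPrincipalName": f"{hire['alias']}@{DOMAIN}",
        "department": hire["department"],
        "usageLocation": hire["usageLocation"],
        "passwordProfile": {
            # Random secret; the fixed suffix guarantees every character class.
            "password": secrets.token_urlsafe(24) + "aA1!",
            "forceChangePasswordNextSignIn": True,
        },
    }
    return ("POST", f"{GRAPH}/users", body)

def entitlement_requests(user_id, hire):
    """Steps 2-3: sent after step 1 returns the new user's object id."""
    validate(hire)
    license_body = {"addLicenses": [{"skuId": SKU_ID, "disabledPlans": []}],
                    "removeLicenses": []}
    member_body = {"@odata.id": f"{GRAPH}/directoryObjects/{user_id}"}
    group_id = DEPT_GROUPS[hire["department"]]
    return [("POST", f"{GRAPH}/users/{user_id}/assignLicense", license_body),
            ("POST", f"{GRAPH}/groups/{group_id}/members/$ref", member_body)]
```

Because an unmapped department raises instead of falling back to a default group, a malformed approval form cannot grant membership that nobody reviewed.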

Security Validation

Lessons Learned / Next Steps

Planning to integrate Azure Sentinel for log aggregation and correlation.