Microsoft recently announced the release of Microsoft Entra, which encompasses all of Microsoft’s identity and access capabilities. The Entra family includes Microsoft Azure Active Directory (Azure AD), as well as two new product categories: Cloud Infrastructure Entitlement Management (CIEM) and decentralised identity.
The products in the Entra family will help provide secure access to everything for everyone, by providing identity and access management, cloud infrastructure entitlement management, and identity verification.
Microsoft Entra will verify all types of identities and secure, manage, and govern their access to any resource. The new Microsoft Entra product family will:
- Protect access to any app or resource for any user.
- Secure and verify every identity across hybrid and multi-cloud environments.
- Discover and govern permissions in multi-cloud environments.
- Simplify the user experience with real-time intelligent access decisions.
What products does it include?
1. Microsoft Entra Verified ID
Initially known as Initially known as "Azure Active Directory Verifiable Credentials”, Verified ID enables you to create, issue, and verify privacy-respecting decentralised identity credentials, ensuring secure interactions with anyone or anything.
- Fast remote onboarding: Validate identity information for trustworthy self-service enrolment and reduced time-to-hire.
- More secure access: Quickly verify an individual’s credentials and status to grant least-privilege access with confidence.
- Easy account recovery: Replace support calls and security questions with a streamlined self-service process to verify identities.
- Custom business solutions: Easily build solutions for a wide range of use cases with our developer kit, APIs, and documentation.
How does it work?
Based on open standards, Verified ID automates verification of identity credentials and enables privacy-protected interactions between organizations and users.
- The issuer is an organisation that attests to claims and grants digitally signed credentials to the user.
- The user receives and approves the request for credentials obtained from issuer and presents to verifier. The credential claims are cryptographically signed with the user’s private key.
- The verifier is an organisation that requests proof and upon receipt verifies that claims in credentials satisfy requirements.
- Workplace applications: With workplace credentials, a verified employee can securely access customer databases, sales metrics, customer relationship management systems, and more.
- Workplace applications for partners or contractors: Verified partners and contractors can be issued credentials that allow them to easily access the resources they need.
- Business-to-business (B2B) access: Organisations can allow verified employees from other organisations to access high-value applications directly without establishing and maintaining individual federations
2. Azure Active Directory
Safeguard your organisation with a cloud identity and access management solution that connects employees, customers and partners to their apps, devices, and data.
Benefits of Azure AD:
- Secure adaptive access: Protect access to resources and data using strong authentication and risk-based adaptive access policies without compromising user experience.
- Seamless user experiences: Provide an easy, fast sign-in experience across your multi-cloud environment to keep your users productive, reduce time managing passwords, and increase productivity.
- Unified identity management: Manage all your identities and access to all your applications in a central location, whether they’re in the cloud or on-premises, to improve visibility and control.
- Simplified identity governance: Control access to apps and data for all users and admins efficiently with automated identity governance to ensure only authorised users have access.
3. Permissions Management
Discover, remediate, and monitor permission risks across your multi-cloud infrastructure. Microsoft Entra Permissions Management (previously CloudKnox) is a cloud infrastructure entitlement management (CIEM) product that provides comprehensive visibility and control over permissions for any identity and any resource in Microsoft Azure, Amazon Web Services (AWS) and Google Cloud Platform (GCP).
- Get full visibility: discover what resources every identity is accessing across your cloud platforms.
- Automate the principle of least privilege: use usage analytics to ensure identities have the right permissions at the right time.
- Unify cloud access policies: implement consistent security policies across your cloud infrastructure.
Manage your multi-cloud infrastructure:
- Discover all cloud permissions - Microsoft will now be able to integrate with all resources to evaluate all cloud permissions that are granted.
- Evaluate your permission risks - Assess permission risks by evaluating the gap between permissions granted and permissions used.
- Manage permissions and access -Right-size permissions, grant permissions on demand, and automate just-in-time access.
- Monitor permissions continuously - Detect anomalous activities with machine learning-powered alerts and generate detailed forensic reports.
How is it managed?
Admin Center enables you to oversee all your organisation’s identities in one place. The Microsoft Entra admin center consolidates control and visibility across your hybrid and multi-cloud identity infrastructure. This cohesive, easy-to-use portal is designed for identity security admins to verify and secure every identity; protect and ensure least-privilege access to apps, devices, and data; plus discover and remediate permission risks for any identity or resource.
How can I get started?
Advanced’s relationship with Microsoft goes back over 30 years, over which we have helped numerous organisations digitally transform and embrace a better way of working. As a Microsoft Gold Partner with several competencies and a Microsoft Azure Virtual Desktop Advanced Specialisation, we enable you to get the very best from your Microsoft technology. Contact us today to learn more or get started.