Cloud migration and managed services are the best way to improve your business and operations. Read on to learn more about what CSW Solutions can do for you as your Gold-certified cloud solutions partner.
Welcome Microsoft Entra
This has been a big year in Microsoft cloud and there has been no bigger, bolder player than Azure. Microsoft's cloud offerings have evolved quite dramatically over the last few years and now we have Microsoft Entra, the shiny new product family focusing on identity and access capabilities. Along with the introduction of Purview in June, the cards are all on the table and the race has begun(again!).
Today, we'll focus on Microsoft's shiny new product family, Microsoft Entra.
This new-ish product family will function as a central hub for managing your cloud, hybrid, or multicloud identity. It will neatly wrap up all of Microsoft’s identity and access capabilities and expand further for more access and availability to adapt with confidential and scalable management solutions for the remote and hybrid workforce.
Microsoft Entra products include:
- Azure Active Directory (Azure AD)
- Microsoft Entra Permissions Management (a Cloud Permissions management (CPM) /Cloud Infrastructure Entitlement Management (CIEM) solution)
- Microsoft Entra Verified ID (a decentralized identity product offering)
Entra will verify all types of identities and secure, manage, and govern access to any resource by managing everything from one place. You can:
- Protect access to any app or resource for every user
- Secure and verify every identity across hybrid and multi-cloud environments
- Discover and govern permissions and manage access lifecycles
- Simplify the user experience with real-time intelligent access with unified administration
Before, you needed Microsoft 365 or premium tiered access through Azure AD to access any of these features. But now, as a standalone suite of tools, anyone can enter the identity and access ring. These tools will eventually open the door to greater integration options, as the Entra portal will encompass its own permissions portal that will include identity governance, serverless functions, databases, compute and container clusters across Microsoft Azure, Amazon Web Services, and Google Cloud.
Let's break it down.
Azure Active Directory has been a part of Microsoft for some time now and we are big fans! It is a cloud identity that gives admins the ability to manage end-user identities and access privileges. Its main services include core directory, access management, and identity protection for Azure and Microsoft 365. Its evolution in branding and availability as part of its inclusion into Entra mean that not only will we still be able to take advantage of its full suite of comprehensive capabilities but it is clear that Microsoft anticipates identity governance will accelerate toward automation and single-identity authentication.
While some interface changes will feel more streamlined, there will be more simplified identity-based management tools now too. Governance, conditional access, MFA, and more continue to be available but the navigation will improve with the restructuring.
New employees often have to wait for the access required for their jobs and access is often manually granted by security teams and IT. Similar delays in granting necessary access to guest users undermine productivity and affect the supply chain for organizations. Without automated or formal processes for deactivating or provisioning accounts as access rights change through evolving roles or exiting users, abandoned or orphaned accounts can pose serious security threats. Identity lifecycle management can be a great solution for this type of scenario, making onboarding and offboarding much easier and safer.
Microsoft Entra Permissions Management
The Permissions Management service is essentially a repackaged CloudKnox Permissions Management that Microsoft acquired last year. It "detects, right-sizes, and monitors unused and excessive permissions and enables Zero Trust security through least privilege access," as Microsoft said here. It employs continuous analytics to help prevent security breaches and ensure compliance, enabling granular visibility, and automated remediation for hybrid and multicloud permissions.
Permissions Management is integrated into the Defender for Cloud dashboard, extending protection with CIEM. The CIEM solution analyzes activities associated with machine and human identities across cloud platforms, including Amazon Web Services, Google Cloud Platform and Microsoft Azure. It is also available in European Union countries as Microsoft made it compliant with the European Commission's General Data Protection Regulation (GDPR).
Microsoft Entra Verified ID
This is a new offering that isn't generally available yet. It is based on standards that make decentralized identity possible. Essentially, you can decide what information you share, when, and with whom—and then take it all back. Individuals and organizations can validate identity information for self-service onboarding, saving time and resources from the start. Credentials and status can be verified for faster, secure access that won't involve support calls or security questions ever again (hopefully!). Solutions can also be custom-built with dev kits and APIs through documentation that will provide more detail as this is rolled out.
As this product offering evolves, there will surely be more to talk about from Microsoft. At CSW Solutions, we aren't just cloud solutions experts but a proud team of technology specialists who are always open to hearing about the next big idea. So, if you have a project you want to discuss, reach out to us here and discuss with a real person who just might become your backend development services side-kick! Be sure to also check back here or subscribe to our newsletter, so you never miss a beat with your pals at CSW Solutions!