Microsoft once again brought in the rebranding team and chose the name “Entra” to bring together its identity and access products. “Microsoft Entra is the new suite of products that encompasses all of Microsoft’s access and identity capabilities,” said Joy Chik, Corporate Vice President, Microsoft Identity, and Vasu Jakkal, Corporate Vice President, Security, Compliance, Identity and Management.
Technology has changed our lives in amazing ways. It has reshaped the way we interact with others, work, develop new skills, partner with brands and take care of our health. It has redefined the way we do business by creating entirely new ways to meet current needs while improving expertise, quality, speed and cost management.
Behind the scenes of all these innovations, millions and millions of connections happen every second between people, machines, apps and devices so they can share and access data. These interactions create exciting opportunities for how we interact with technology and with each other, but they also create an ever-widening attack surface, with a growing number of vulnerabilities for people and data that must be addressed.
It is becoming increasingly important – and challenging – for organizations to address these risks as their digital initiatives progress. They must remove barriers to innovation, without fear of exposure. They need to inspire trust, not just in their digital experiences and services, but in every digital interaction that supports them — every access point between people, machines, microservices, and things.
The Entra family includes Microsoft Azure Active Directory (Azure AD), as well as two new product classes: Cloud Infrastructure Entitlement Management (CIEM) and Decentralized Identity. Entra family products are intended to provide secure access through identity and access management, cloud infrastructure access rights management, and identity verification.
Unfortunately, this has nothing to do with the Encarta encyclopedia, which was launched by Microsoft in the 1990s and which eventually died out in the 2000s. Entra has little to do with playing postage-stamp-sized videos, but more with Azure Active Directory (AAD) and Cloud Infrastructure Entitlement Management (CIEM).
Permission management stems from Microsoft’s acquisition of CloudKnox last year. It covers AAD, AWS, and GCP systems and, in addition to enforcing the principle of least privilege, is also designed to monitor unused or excessive permissions.
The decentralized identity offering, Verified ID, represents Microsoft’s commitment to a future with a decentralized, open, trusted, interoperable and standards-based identity for individuals and organizations. In terms of standards, the company says it actively collaborates with members of the Decentralized Identity Foundation (DIF), the W3C Credentials Community Group, and the broader identity community.
In a world increasingly concerned with sovereignty, Verified ID puts control of identity back in the user’s hands and, according to Microsoft, enables organizations to conduct privacy-protected interactions with users. Verified ID uses cryptographic keys that are exchanged during issuance and verification, eliminating the need for a one-to-one relationship between the verifier and the issuer.
When the world was simpler, digital access control was relatively simple. All you had to do was mark the perimeter and let only the right people in. But this no longer applies. Organizations simply cannot put up barriers around everything. Their digital estate is expanding, changing, and losing its boundaries. It is almost impossible to anticipate and address the infinite number of access scenarios that can occur within an organization and its supply chain, especially when it comes to systems, platforms, hardware and software, third-party applications and devices that are outside the organization’s control.
Identity is not limited to directories, and access is not limited to the network. Security challenges are becoming broader, and users need broader solutions. Companies must secure access to every customer, partner, and employee, as well as to every microservice, sensor, network, device, and database.
It must be simple. Companies don’t want to deal with imperfect, disjointed solutions that solve only part of the problem, work only in a subset of environments, and require duct tape and chewing gum to work together. They need access decisions to be as accurate as possible and to automatically adapt based on real-time risk assessment. And they need it everywhere: on-premises, Azure AD, Amazon Web Services, Google Cloud Platform, apps, websites, devices, and more.
Microsoft promises to deliver this vision of identity and access with the new Entra family of products. To make this vision a reality, identity must evolve. Our interconnected world requires a flexible and agile model in which people, organizations, applications, and even smart devices can make real-time access decisions with confidence.
We need to build on and expand our capabilities to support all scenarios our clients face. “We are developing our identity and access solutions so that they can serve as the fabric of trust for the entire digital ecosystem, now and in the future,” the company said. Microsoft Entra will verify all types of identities and secure, manage, and control their access to any resource. The new Microsoft Entra family of products will:
- Discover and manage permissions in multicloud environments;
- Protect access to any application or resource for any user;
- Secure and verify every identity in hybrid and multicloud environments;
- Simplify the user experience with smart, real-time access decisions.
This is an important step toward offering a full suite of products for identity and access needs, and we will continue to grow the Microsoft Entra family of products. Microsoft Azure AD, our hero product for identity and access management, will be part of the Microsoft Entra family, and all the features our customers know and love, such as conditional access and passwordless authentication, will remain unchanged. Microsoft said Azure AD External Identities remains its identity solution for customers and partners within the Microsoft Entra family.
Reduce access risk across clouds
Multicloud adoption has led to a massive increase in identities, permissions, and resources on public cloud platforms. Most identities are over-provisioned, which expands the organization’s attack surface and increases the risk of accidental or malicious abuse of permissions. Without visibility across cloud providers or tools that provide a consistent experience, it has become extremely difficult for identity and security teams to manage permissions and enforce the principle of least privilege across their entire digital estate.
With the acquisition of CloudKnox Security last year, Microsoft is now the first major cloud service provider to offer a CIEM solution: Microsoft Entra Permission Management. This solution provides complete visibility into permissions for all identities (users and workloads), actions, and resources across multicloud infrastructures. Permission management helps detect, measure, and monitor unused and excessive permissions, and mitigates the risk of data breaches by implementing the principle of least privilege in Microsoft Azure, Amazon Web Services, and Google Cloud Platform.
Microsoft Entra Permission Management will be available worldwide as a standalone offering in July 2022 and will also be integrated into the Microsoft Defender for Cloud dashboard, extending Defender for Cloud’s protection with CIEM. Additionally, with insight into Microsoft Entra workload identity management, customers can assign and secure identities for any application or service hosted in Azure AD by extending workload control, access, and risk detection capabilities.
Enable secure digital interactions that respect privacy
Verified ID applies industry standards that make portable, self-owned identity possible. It represents Microsoft’s commitment to a future with a decentralized identity that is open, reliable, interoperable, and standards-based for individuals and organizations. Rather than giving broad consent to countless apps and services and distributing identity data among multiple vendors, Verified ID allows individuals and organizations to decide what information they share, when they share it, and with whom they share it.
The potential scenarios for decentralized identity are endless. When we can verify enterprise credentials in less than a second, we can conduct business-to-business and business-to-customer transactions with greater efficiency and confidence. Background checks become faster and more reliable when people can digitally store and share their certificates.
Managing our health becomes less stressful when doctor and patient can verify each other’s identities and trust that their interactions are private and safe. Microsoft Entra Verified ID will be publicly available in early August 2022.
Automate critical identity governance scenarios
Identity governance for employees and partners is a major challenge for IT and security teams, who must provision new user and guest accounts and manually manage their access rights. This can have a negative impact on IT and individual productivity. New employees often experience a slow ramp-up while they wait for the access they need to do their work.
Similar delays in granting necessary access to guest users are detrimental to the proper operation of the supply chain. Then, in the absence of formal or automated processes for renewing or disabling people’s accounts, their access rights may remain in effect when they change roles or leave the organization.
Identity Governance solves this problem through identity lifecycle management, which simplifies onboarding and offboarding users. Lifecycle workflows automate the assignment and management of access rights, as well as monitoring and tracking of access as user attributes change. Lifecycle workflows in Identity Governance will be in public preview in July 2022.