Microsoft Entra
Secure access for a connected world
Microsoft Entra
- Azure Active Directory
- Microsoft Entra Permissions Management
- Microsoft Entra Verified ID
- Microsoft Entra Identity Governance
- Microsoft Entra Workload Identities
Microsoft - Consistently recognized as a Leader by industry analysts
Source: Gartner Magic Quadrant for Access Management, November 2022
Source: IDC MarketScape Worldwide Advanced Authentication for Identity Security, 2021
Azure Active Directory
Protect your users, apps, workloads, and devices.
- Secure adaptive access
- Seamless user experiences
- Unified identity management
[Figure: application logos, including Cornerstone OnDemand, Adobe Creative Cloud, Workday, Lucidchart, Zapier, GitHub, Terraform Cloud, Dropbox Business, NetSuite, Box, Atlassian Cloud, Jive, Blackboard Learn, SAP Analytics Cloud, Cisco AnyConnect, SuccessFactors, Marketo, Freshservice]
Multicloud adoption brings new permission challenges
- Exponential growth of identities, machines, functions, and scripts operating in the cloud infrastructure
- >90% of identities are using <5% of permissions granted
- >50% of permissions are high-risk and can cause catastrophic damage

Today’s static, outdated approach:
- Grants permissions based on job roles and responsibilities
- IAM admins manually grant permissions which are not time-bound
- Permission clean-up is done manually on an as-need basis

A new, dynamic approach:
- Grants permissions based on historical usage and activity
- Allow temporary access to high-risk permissions on-demand
- Continuously monitor and right-size identities to prevent privilege creep
[Diagram: Identity Provider, Identities, Actions, Resources]
Microsoft Entra Permissions Management
- Permission Creep Index
- usage analytics
- Just-In-Time access
- permissions on-demand
- with customizable alerts
- machine learning-based anomaly detections
- detailed reports and cyber kill chain analysis
Identity & Access Management Trends & Challenges
- People don’t own their identity data: Individuals lack visibility on how their data is used, and how to get it back
- Regulations are increasing: 65% of the world’s population will be covered by privacy regulations by 2023
- Modern workplace is hybrid: Remote identity proofing processes are unsatisfactory for 82% of organizations

25.6 billion attempts to hijack enterprise customer accounts detected and blocked by Microsoft from Jan – Dec 2021.
Source: Identity is the New Battleground, Cyber Signals, February 2022
Issue easily
Verify confidently
Use anywhere
01 Who has/should have access to which resources?
02 What are they doing with that access?
03 Are there effective organizational controls for managing access?
04 Can auditors verify that the controls are working?

[Diagram labels: Onboarding / Provisioning; Access Recertification; Access Lifecycle; Identity Management; Secure privileged access for administration]
Single sign-on and outbound provisioning
Manage users by automating Joiner/Mover*/Leaver processes
* To be supported in future
Many traditional IAM capabilities do not apply to workload identities
- Difficult to manage workload identity lifecycle
- Higher potential for secrets or credentials to leak
- Lacking capabilities for securing access

- How to ensure that workload identities are not breached
- How to remove unnecessary or overprivileged access

User Identity to Workload Identity: 1:5 today, 1:20 in five years
Solutions that improve access management for non-human entities
Sources: Internal Microsoft marketing research 2021, CloudKnox 2021
Workload Identities
An identity and access management (IAM) solution that manages and secures access by applications and services.
Conditional Access for workload identities
- Support for Conditional Access policies applied to workload identities.
- Define the conditions under which a workload may access a resource.
- Enables blocking workload identities from outside of trusted IP ranges, such as a corporate network's public IP ranges.
Identity protection for workload identities
- Extend identity protection capabilities, such as detecting, investigating and remediating risk, to workload identities.
- Detect risk on workload identities across sign-in behavior and offline indicators of compromise.
- Enable applying risk-based Conditional Access to workload identities.
Access reviews for workload identities
- Reduce the risk associated with stale role assignments by configuring recurring reviews of workload identities.
- Delegate the reviews to the right people, then automatically revoke access of the denied workload identities.
© Copyright Microsoft Corporation. All rights reserved.