Identity security must be at the heart of any organization’s security strategy.
Our infrastructures have become more disparate, and our users are accessing more systems from more locations and devices. This has made identities more vulnerable and a much higher value target to cybercriminals than ever before. A criminal with a stolen identity or set of credentials can gain access, deploy malware, steal data, or carry out denial-of-service attacks upon a given target.
This has driven demand to find new ways to tackle the challenge, such as the emerging Identity Threat Detection & Response (ITDR) market. It also has changed how we trust identities once they have access to systems, with Zero-Trust dictating constant evaluation of identities once authorized.
It is with this in mind that July 11th saw Microsoft make a number of announcements around its Entra platform (you can find details here). While a lot was announced, I wanted to share some thoughts on just two areas. Its introduction of Secure Service Edge (SSE) and ID governance and lifecycle management.
What is Microsoft Entra?
Before we start, it is probably useful to introduce Entra. Entra is the brand name of the identity and access security elements available in Microsoft 365 and Azure. This includes Active Directory, conditional access policies, identity, and permissions management. It is more than just branding; Entra has also consolidated identity and access security management into one place, making it easier to gain visibility and management access.
Identity is a complex issue that requires a broad array of tools to address it. In this latest announcement, Microsoft shows they understand this and have added some key capabilities that will be valuable for customers as they tackle identity-centric security challenges.
Entra Access
It is Microsoft’s first move into the world of Secure Service Edge (SSE). SSE is an important part of modern enterprise access security, taking historically disparate systems, such as secure web gateway, cloud access broker, and zero-trust network access, and bringing them together into a single, usually cloud-based, security service. Bringing these tools more in line with the dynamic cloud-like environments most organizations need to protect.
Microsoft’s solution consists of two services: Internet Access and Private Access.
As shown above, each solution has a different focus. Internet Access acts as a modern Secure Web Gateway, securing access to SaaS apps (including M365). Private Access offers a replacement for traditional VPN using a Zero-Trust approach to managing and securing access to private enterprise systems. In both cases, Microsoft uses its extensive knowledge about user identities and behavior to constantly evaluate threats and reduce the risk of Identity-based attacks.
Why does it matter?
Microsoft is not unique in this space; there are many established vendors with mature SSE solutions. However, Microsoft’s brand and the solution’s seamless integration into M365 will help. They are making the SSE approach more visible to organizations and potentially easing its adoption.
Changing infrastructure and operational behavior means we must modernize enterprise edge security. We cannot rely on traditional architectures and must provide approaches as dynamic and broad as the systems it protects.
Entra ID Governance
While Entra Access takes an identity-centric view of access control, identity-centric security is only as good as the identities it is protecting. One of the biggest problems in the enterprise is poor identity lifecycle management. From the creation to the deletion of accounts, organizations often struggle to effectively manage the process. Accounts are provisioned into the wrong systems, given too few or too many permissions, and orphaned accounts are left in systems when users have moved to new roles or new companies.
Because of this, Microsoft’s announcement of Entra ID Governance is worth at least similar coverage to that afforded to SSE. Entra ID Governance is Microsoft’s identity management platform, helping its customers to better manage, secure, and orchestrate identities through their lifecycle.
It allows customers to easily build lifecycle automation for processes such as on and off-boarding, simplifying the process and reducing the scope for mistakes. It also offers access reviews, which, while not new, use “AI” to help guide those making the reviews, with automated insights into user access and where there may be risks. And entitlement management simplifies the management of user assignment to resources.
As with SSE, this is not unique to Microsoft, but for those using M365, this is another powerful addition to the portfolio. Identities are at the forefront of the cybersecurity challenge, and protecting them has to start with managing them correctly.
Let’s not forget!
Just in case you missed it, one bit of “marketing” that was included in these announcements is the rebranding of Azure Active Directory to Microsoft Entra ID. No doubt this will cause confusion, but as Microsoft looks to consolidate its Identity and Access tools under the Entra umbrella, it makes sense that the most important part of it, Active Directory, should be firmly placed under it.
To sum up
I’ve been watching Microsoft’s development of its security capabilities over the last few years, and it continues to impress with its innovation and strategic direction. While many of these tools are only truly valuable to its M365 subscribers, there are enough of those for this to make a big difference in enterprise security. Identity and data are the targets of cybercriminals, and it’s important that organizations protect them both and take advantage of modern tools and techniques to do so, because you can certainly bet that the cyber attackers are doing just that.
These announcements show that Microsoft continues to invest in, and develop its increasingly broad security portfolio.