Microsoft Entra is Microsoft’s modern identity and access management product. Its capabilities include centralized identity and access governance for both hybrid-cloud (incorporating on-premises systems) and multi-cloud (spanning multiple cloud providers).
The Entra product incorporates three core services:
- Azure Active Directory, the identity services at the core of the Azure cloud and Microsoft 365. Azure AD provides a broad set of modern authentication and authorization services based on modern protocols (OpenIDConnect and OAuth 2.0), with robust analytics and protections against a variety of attacks aimed at identity theft or misuse. In addition, Azure AD provides secure implementations of some legacy services and protocols (such as Kerberos) to provide integration with and a migration path from on-premises Active Directory.
- Permissions Management, the set of services providing analytics and management for permissions across workloads hosted in Azure, Amazon Web Service and Google Cloud Platform. This leverages the CloudKnox capabilities which were acquired by Microsoft in 2021. These services allow the identification and remediation of violations of compliance and best-practice in single- and multi-cloud environments, a feature set broadly described as Cloud Infrastructure Entitlement Management, or CIEM.
- Verified ID, the Microsoft implementation of decentralized Identity. This enables the issuance to individuals of digital “proofs” (such as identity passes, employment records and qualification certificates) which are held in a digital wallet (for example, on a mobile device) and can then be selectively presented as required, without the need for a query to a centralized identity store, thus serving the goal of placing the control of identity-related information in the hands of the individual, rather than in some central identity store.
The Entra branding provides continuing evidence for Microsoft’s ongoing commitment to robust Identity and Access services as the core foundation for perimeter-less architectures in a zero-trust world.
Oxford Computer Group’s Microsoft-focused practice remains concentrated on precisely these technologies. We will be pleased to help you navigate this ever-changing feature landscape. You may also wish to read this blog from Oxford Computer Group.