Piecing Together the Secure Identity Puzzle

Microsoft develops new functionality for their cloud systems at a staggering pace, with new releases roughly every six weeks. How can you keep track? How can you ensure your organization benefits from new features quickly and seamlessly?

In this blog, I highlight some important updates in the area of secure identity that have been announced over the last couple of weeks. I also cover why investing in a secure identity strategy enables organizations to adopt new technology fast, and to respond to business challenges without compromising security or compliance goals.

Secure Identity – recent updates

Pass-through Authentication is in General Availability (so it is now a released feature, and no longer in preview.) I blogged about this (and its intelligent lockout prevention) back in July. The PTA functionality may make a full-blown ADFS implementation unnecessary for certain environments (e.g. those where the only integration needed is that between an on-premises Active Directory and Azure Active Directory).

Documentation is here, and here is an excellent blog by John Craddock, who is presenting his Identity Masterclass in the US and UK through OCG Learning.

Microsoft Teams now supports B2B federation: you can invite people from other Azure AD tenants to take part in your team. Teams has been delivering improved collaboration for a while, albeit only between users in the same AAD tenant. But now that B2B integration is available, it becomes even more useful – for example, you can invite your favourite OCG consultant to be a member of internal teams! Read the announcement here.

Conditional Access has received a bunch of updates to make it even more useful in controlling and monitoring access. Using intelligence about the nature of an access request (which user, device, location) access can be controlled with fine-grained precision using Cloud App Security, across devices using Windows and (now) MacOS. Read the announcement here.

Each piece is part of a bigger picture – but what does the big picture look like?

As demonstrated above, features for cloud systems are coming out all the time, and the pace can sometimes seem overwhelming. Functionality first appears in Private Preview, then Public Preview, then it appears in General Availability, and then additional functionality appears in Preview, then GA…and so on. It can be exhausting keeping track!

I like to compare this process to the assembly of a several large jigsaw puzzles at the same time. Each piece is part of a bigger picture, but to an outsider it is very hard to see what the whole picture will look like when it is finished, or even which picture each piece contributes to. And for fairly obvious reasons, Microsoft does not reveal all of its long-term plans to the general public.

Secure Identity is our business

Secure identity has been Oxford Computer Group’s core business for as long as it has existed! Our close relationship with Microsoft, developed over many years, means that we get advance information under NDA about new functionality.

We spend time working out how individual pieces of the secure identity puzzle fit together in a way which benefits our enterprise customers. Sometimes, this involves waiting until all relevant pieces are available – like that satisfying moment when a free-floating block of a half-finished jigsaw puzzle is finally anchored onto the rest. We do this work so that our customers don’t have to!

Many of our customers have sufficient faith in Microsoft (and us) to adopt emerging technology during Preview (mostly as a pilot) with full production deployment waiting until GA. This is a radical shift from only a handful of years ago, when only a few brave souls would deploy a pilot based on beta software, followed by a production upgrade.

Of course, there are other customers who have less freedom to adopt pre-release software, and we work equally enthusiastically with them, post GA – and these customers benefit additionally from the experience gathered in the Preview phase.

A Secure Identity strategy enables organizations to be agile and competitive

In order for customers to implement new pieces of the secure identity puzzle as and when they are released (either at the Preview or at the GA stage), and to benefit from new features as soon as the time is right, they need to have a clear idea where they are going with identity and what their priorities are.

Oxford Computer Group has helped hundreds of organizations to develop a secure identity strategy. Together we build foundational strategy and infrastructure so that new pieces (whether from Microsoft or others) find their place with clarity and certainty, and pieces whose time has not yet come can be set aside until later.

Many customers start off with an Envisioning Workshop. Through a combination of on-site workshops, discussions, interviews and analysis, our highly experienced consultants present a roadmap with clearly defined next steps to guide decision making.

In summary, it is the investment in preparation – and the development of a secure identity strategy – that makes agility happen.