SlideShare a Scribd company logo

Microsoft-Entra-Identity-and-Access-presentation.pdf

J
JohnDoe583546

Microsoft Entra is a product family name for Microsoft’s identity and access products. Entra ID is a rebranding of Azure Active Directory (Azure AD). Entra ID is our hero identity solution and is a part of Microsoft Entra. The name has changed because we’re expanding in several new categories and need name that can convey modern access security across broad range of products.

Software
1 of 61
Download to read offline
Microsoft Entra Secure access for a connected world
Azure Active Directory Microsoft Entra Permissions Management Microsoft Entra Verified ID Microsoft Entra Identity Governance Microsoft Entra Workload Identities Microsoft Entra
Microsoft - Consistently recognized as a Leader by industry analysts Microsoft Entra Source: Gartner Magic Quadrant for Access Management, November 2022 Source: IDC MarketScape Worldwide Advanced Authentication for Identity Security, 2021
Azure Active Directory Microsoft Entra Permissions Management Microsoft Entra Verified ID Microsoft Entra Identity Governance Microsoft Entra Workload Identities Microsoft Entra
Azure Active Directory
→ → →
Protect your users, apps, workloads, and devices. Seamless user experiences Unified identity management
Secure adaptive access Unified identity management Protect your users, apps, workloads, and devices.
ZAPIER GITHUB ADOBECREATIVE CLOUD WORKDAY LUCIDCHART MYDAY CORNERSTONE ONDEMAND ATLASSIAN JIVE NETSUITE BENEFITS BOX TERRAFORM CLOUD DROPBOX BUSINESS SUCCESS FACTORS MARKETO COMPANY STORE BLACKBOARD LEARN SAP ANALYTICS CLOUD CISCO ANYCONNECT FRESHSERVICE
Secure adaptive access Seamless user experiences Protect your users, apps, workloads, and devices.
Azure Active Directory Microsoft Entra Permissions Management Microsoft Entra Verified ID Microsoft Entra Identity Governance Microsoft Entra Workload Identities Microsoft Entra
Multicloud adoption brings new permission challenges Exponential growth of identities, machines, functions, and scripts operating in the cloud infrastructure >50% of permissions are high-risk and can cause catastrophic damage >90% of identities are using <5% of permissions granted
A new, dynamic approach Grants permissions based on job roles and responsibilities Permission clean-up is done manually on an as-need basis IAM admins manually grant permissions which are not time-bound Grants permissions based on historical usage and activity Allow temporary access to high-risk permissions on-demand Continuously monitor and right-size identities to prevent privilege creep Grants permissions based on job roles and responsibilities Permission clean-up is done manually on an as-need basis IAM admins manually grant permissions which are not time-bound Today’s static, outdated approach
Identity Provider Resources Actions Identities Microsoft Entra Permissions Management
Permission Creep Index usage analytics
Just-In-Time access permissions on-demand
with customizable alerts machine learning- based anomaly detections detailed reports and cyber kill chain analysis
Azure Active Directory Microsoft Entra Permissions Management Microsoft Entra Verified ID Microsoft Entra Identity Governance Microsoft Entra Workload Identities Microsoft Entra
25.6billion attempts to hijack enterprise customer accounts detected and blocked by Microsoft from Jan – Dec 2021. Identity & Access Management Trends & Challenges People don’t own their identity data Individuals lack visibility on how their data is used, and how to get it back Regulations are increasing 65% of the world’s population will be covered by privacy regulations by 2023 Modern workplace is hybrid Remote identity proofing processes are unsatisfactory for 82% of organizations Identity is the New Battleground, Cyber Signals, February 2022
Issue easily Verify confidently Use anywhere
Azure Active Directory Microsoft Entra Permissions Management Microsoft Entra Verified ID Microsoft Entra Identity Governance Microsoft Entra Workload Identities Microsoft Entra
Identity Can auditors verify that the controls are working? 04 Are there effective organizational controls for managing access? 03 What are they doing with that access? 02 Who has/should have access to which resources? 01 Access Recertification Secure privileged access for administration Access Lifecycle Management Onboarding / Provisioning
Single sign-on and outbound provisioning
Manage users by automating Joiner/Mover*/Leaver processes * To be supported in future
Azure Active Directory Microsoft Entra Permissions Management Microsoft Entra Verified ID Microsoft Entra Identity Governance Microsoft Entra Workload Identities Microsoft Entra
Difficult to manage workload identity lifecycle: Many traditional IAM capabilities do not apply to workload identities Higher potential for secrets or credentials to leak: How to ensure that workload identities are not breached Lacking capabilities for securing access: How to remove unnecessary or overprivileged access
Sources: Internal Microsoft marketing research 2021, CloudKnox 2021 Solutions that improve access management for non-human entities 1:20 in five years 1:5 today - User Identity - Workload Identity
Workload Identities An identity and access management (IAM) solution that manages and secures access by applications and services.
Support for Conditional Access policies applied to workload identities. Define the conditions under which a workload may access a resource. Enables blocking workload identities from outside of trusted IP ranges, such as a corporate network public IP ranges. Conditional Access for workload identities
Support identity protection capabilities, such as detecting, investigating and remediating, to workload identities. Detect risk on workload identities across sign- in behavior and offline indicators of compromise. Enable applying risk-based conditional access to workload identities. Identity protection for workload identities
Reduce the risk associated with stale role assignment by configuring recurring reviews of workload identities Delegate the reviews to the right people, then automatically revoke access of the denied workload identities. Access reviews for workload identities
Azure Active Directory Microsoft Entra Permissions Management Microsoft Entra Verified ID Microsoft Entra Identity Governance Microsoft Entra Workload Identities Microsoft Entra
© Copyright Microsoft Corporation. All rights reserved.

Recommended

20181213 - wazug protecting your data with azure ad
20181213 - wazug protecting your data with azure ad20181213 - wazug protecting your data with azure ad
20181213 - wazug protecting your data with azure adArjan Cornelissen
 
3 Modern Security - Secure identities to reach zero trust with AAD
3 Modern Security - Secure identities to reach zero trust with AAD3 Modern Security - Secure identities to reach zero trust with AAD
3 Modern Security - Secure identities to reach zero trust with AADAndrew Bettany
 
What is Microsoft Entra ID
What is Microsoft Entra IDWhat is Microsoft Entra ID
What is Microsoft Entra IDwilliamjoe7
 
Secure Your Cloud Environment with Azure Active Directory (AD)
Secure Your Cloud Environment with Azure Active Directory (AD)Secure Your Cloud Environment with Azure Active Directory (AD)
Secure Your Cloud Environment with Azure Active Directory (AD)WinWire Technologies Inc
 
Fundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and ComplianceFundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and ComplianceVignesh Ganesan I Microsoft MVP
 
Microsoft 365 Security Overview
Microsoft 365 Security OverviewMicrosoft 365 Security Overview
Microsoft 365 Security OverviewRobert Crane
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewDavid J Rosenthal
 
Softwerx Microsoft 365 Security Webinar Presentation
Softwerx Microsoft 365 Security Webinar PresentationSoftwerx Microsoft 365 Security Webinar Presentation
Softwerx Microsoft 365 Security Webinar PresentationPatrick Leckie
 

Recommended

20181213 - wazug protecting your data with azure ad
20181213 - wazug protecting your data with azure ad20181213 - wazug protecting your data with azure ad
20181213 - wazug protecting your data with azure adArjan Cornelissen
 
3 Modern Security - Secure identities to reach zero trust with AAD
3 Modern Security - Secure identities to reach zero trust with AAD3 Modern Security - Secure identities to reach zero trust with AAD
3 Modern Security - Secure identities to reach zero trust with AADAndrew Bettany
 
What is Microsoft Entra ID
What is Microsoft Entra IDWhat is Microsoft Entra ID
What is Microsoft Entra IDwilliamjoe7
 
Secure Your Cloud Environment with Azure Active Directory (AD)
Secure Your Cloud Environment with Azure Active Directory (AD)Secure Your Cloud Environment with Azure Active Directory (AD)
Secure Your Cloud Environment with Azure Active Directory (AD)WinWire Technologies Inc
 
Fundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and ComplianceFundamentals of Microsoft 365 Security , Identity and Compliance
Fundamentals of Microsoft 365 Security , Identity and ComplianceVignesh Ganesan I Microsoft MVP
 
Microsoft 365 Security Overview
Microsoft 365 Security OverviewMicrosoft 365 Security Overview
Microsoft 365 Security OverviewRobert Crane
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewDavid J Rosenthal
 
Softwerx Microsoft 365 Security Webinar Presentation
Softwerx Microsoft 365 Security Webinar PresentationSoftwerx Microsoft 365 Security Webinar Presentation
Softwerx Microsoft 365 Security Webinar PresentationPatrick Leckie
 
School of Computer & Information SciencesITS-532 Cloud C.docx
School of Computer & Information SciencesITS-532 Cloud C.docxSchool of Computer & Information SciencesITS-532 Cloud C.docx
School of Computer & Information SciencesITS-532 Cloud C.docxjeffsrosalyn
 
Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a...
Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a...Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a...
Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a...Bruno Caseiro
 
Smart Identity for the Hybrid Multicloud World
Smart Identity for the Hybrid Multicloud WorldSmart Identity for the Hybrid Multicloud World
Smart Identity for the Hybrid Multicloud WorldKatherine Cola
 
AbedElilahElmahmoumP1.pptx
AbedElilahElmahmoumP1.pptxAbedElilahElmahmoumP1.pptx
AbedElilahElmahmoumP1.pptxAbedElElahElMHMOOM
 
Why IAM is the Need of the Hour
Why IAM is the Need of the HourWhy IAM is the Need of the Hour
Why IAM is the Need of the HourTechdemocracy
 
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB201904_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019Kumton Suttiraksiri
 
Need of Adaptive Authentication in defending the borderless Enterprise
Need of Adaptive Authentication in defending the borderless EnterpriseNeed of Adaptive Authentication in defending the borderless Enterprise
Need of Adaptive Authentication in defending the borderless Enterprisehardik soni
 
TOP SAILPOINT INTERVIEW QUESTION
TOP SAILPOINT INTERVIEW QUESTIONTOP SAILPOINT INTERVIEW QUESTION
TOP SAILPOINT INTERVIEW QUESTIONInfosec Train
 
Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...
Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...
Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...David J Rosenthal
 
4 Cyber Security KPIs
4 Cyber Security KPIs4 Cyber Security KPIs
4 Cyber Security KPIsSteven Aiello
 
CoLabora March 2022 - Improve security posture by implementing new Azure AD ...
CoLabora March 2022 - Improve security posture by implementing new Azure AD ...CoLabora March 2022 - Improve security posture by implementing new Azure AD ...
CoLabora March 2022 - Improve security posture by implementing new Azure AD ...Peter Selch Dahl
 
The Hacking Games - Security vs Productivity and Operational Efficiency 20230119
The Hacking Games - Security vs Productivity and Operational Efficiency 20230119The Hacking Games - Security vs Productivity and Operational Efficiency 20230119
The Hacking Games - Security vs Productivity and Operational Efficiency 20230119lior mazor
 
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05 Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05 sucesuminas
 
Microsoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 OverviewMicrosoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 OverviewDavid J Rosenthal
 
API security
API securityAPI security
API securityEduards Salnikovs
 
Primendi Pilveseminar - Enterprise Mobility suite
Primendi Pilveseminar - Enterprise Mobility suitePrimendi Pilveseminar - Enterprise Mobility suite
Primendi Pilveseminar - Enterprise Mobility suitePrimend
 
Build Your Career With Sailpoint Training.pdf
Build Your Career With Sailpoint Training.pdfBuild Your Career With Sailpoint Training.pdf
Build Your Career With Sailpoint Training.pdfMrunalshetty3
 
Arx brochure - Intellect Design
Arx brochure - Intellect DesignArx brochure - Intellect Design
Arx brochure - Intellect DesignRajat Jain
 
NIC 2017 Azure AD Identity Protection and Conditional Access: Using the Micro...
NIC 2017 Azure AD Identity Protection and Conditional Access: Using the Micro...NIC 2017 Azure AD Identity Protection and Conditional Access: Using the Micro...
NIC 2017 Azure AD Identity Protection and Conditional Access: Using the Micro...Morgan Simonsen
 
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundaryDean Iacovelli
 
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesPhilip Schwarz
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEOrtus Solutions, Corp
 

More Related Content

Similar to Microsoft-Entra-Identity-and-Access-presentation.pdf

School of Computer & Information SciencesITS-532 Cloud C.docx
School of Computer & Information SciencesITS-532 Cloud C.docxSchool of Computer & Information SciencesITS-532 Cloud C.docx
School of Computer & Information SciencesITS-532 Cloud C.docxjeffsrosalyn
 
Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a...
Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a...Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a...
Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a...Bruno Caseiro
 
Smart Identity for the Hybrid Multicloud World
Smart Identity for the Hybrid Multicloud WorldSmart Identity for the Hybrid Multicloud World
Smart Identity for the Hybrid Multicloud WorldKatherine Cola
 
Why IAM is the Need of the Hour
Why IAM is the Need of the HourWhy IAM is the Need of the Hour
Why IAM is the Need of the HourTechdemocracy
 
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB201904_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019Kumton Suttiraksiri
 
Need of Adaptive Authentication in defending the borderless Enterprise
Need of Adaptive Authentication in defending the borderless EnterpriseNeed of Adaptive Authentication in defending the borderless Enterprise
Need of Adaptive Authentication in defending the borderless Enterprisehardik soni
 
TOP SAILPOINT INTERVIEW QUESTION
TOP SAILPOINT INTERVIEW QUESTIONTOP SAILPOINT INTERVIEW QUESTION
TOP SAILPOINT INTERVIEW QUESTIONInfosec Train
 
Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...
Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...
Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...David J Rosenthal
 
4 Cyber Security KPIs
4 Cyber Security KPIs4 Cyber Security KPIs
4 Cyber Security KPIsSteven Aiello
 
CoLabora March 2022 - Improve security posture by implementing new Azure AD ...
CoLabora March 2022 - Improve security posture by implementing new Azure AD ...CoLabora March 2022 - Improve security posture by implementing new Azure AD ...
CoLabora March 2022 - Improve security posture by implementing new Azure AD ...Peter Selch Dahl
 
The Hacking Games - Security vs Productivity and Operational Efficiency 20230119
The Hacking Games - Security vs Productivity and Operational Efficiency 20230119The Hacking Games - Security vs Productivity and Operational Efficiency 20230119
The Hacking Games - Security vs Productivity and Operational Efficiency 20230119lior mazor
 
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05 Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05 sucesuminas
 
Microsoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 OverviewMicrosoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 OverviewDavid J Rosenthal
 
Primendi Pilveseminar - Enterprise Mobility suite
Primendi Pilveseminar - Enterprise Mobility suitePrimendi Pilveseminar - Enterprise Mobility suite
Primendi Pilveseminar - Enterprise Mobility suitePrimend
 
Build Your Career With Sailpoint Training.pdf
Build Your Career With Sailpoint Training.pdfBuild Your Career With Sailpoint Training.pdf
Build Your Career With Sailpoint Training.pdfMrunalshetty3
 
Arx brochure - Intellect Design
Arx brochure - Intellect DesignArx brochure - Intellect Design
Arx brochure - Intellect DesignRajat Jain
 
NIC 2017 Azure AD Identity Protection and Conditional Access: Using the Micro...
NIC 2017 Azure AD Identity Protection and Conditional Access: Using the Micro...NIC 2017 Azure AD Identity Protection and Conditional Access: Using the Micro...
NIC 2017 Azure AD Identity Protection and Conditional Access: Using the Micro...Morgan Simonsen
 
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundaryDean Iacovelli
 

Similar to Microsoft-Entra-Identity-and-Access-presentation.pdf (20)

School of Computer & Information SciencesITS-532 Cloud C.docx
School of Computer & Information SciencesITS-532 Cloud C.docxSchool of Computer & Information SciencesITS-532 Cloud C.docx
School of Computer & Information SciencesITS-532 Cloud C.docx
 
Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a...
Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a...Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a...
Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a...
 
Smart Identity for the Hybrid Multicloud World
Smart Identity for the Hybrid Multicloud WorldSmart Identity for the Hybrid Multicloud World
Smart Identity for the Hybrid Multicloud World
 
AbedElilahElmahmoumP1.pptx
AbedElilahElmahmoumP1.pptxAbedElilahElmahmoumP1.pptx
AbedElilahElmahmoumP1.pptx
 
Why IAM is the Need of the Hour
Why IAM is the Need of the HourWhy IAM is the Need of the Hour
Why IAM is the Need of the Hour
 
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB201904_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019
 
Need of Adaptive Authentication in defending the borderless Enterprise
Need of Adaptive Authentication in defending the borderless EnterpriseNeed of Adaptive Authentication in defending the borderless Enterprise
Need of Adaptive Authentication in defending the borderless Enterprise
 
TOP SAILPOINT INTERVIEW QUESTION
TOP SAILPOINT INTERVIEW QUESTIONTOP SAILPOINT INTERVIEW QUESTION
TOP SAILPOINT INTERVIEW QUESTION
 
Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...
Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...
Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...
 
4 Cyber Security KPIs
4 Cyber Security KPIs4 Cyber Security KPIs
4 Cyber Security KPIs
 
CoLabora March 2022 - Improve security posture by implementing new Azure AD ...
CoLabora March 2022 - Improve security posture by implementing new Azure AD ...CoLabora March 2022 - Improve security posture by implementing new Azure AD ...
CoLabora March 2022 - Improve security posture by implementing new Azure AD ...
 
The Hacking Games - Security vs Productivity and Operational Efficiency 20230119
The Hacking Games - Security vs Productivity and Operational Efficiency 20230119The Hacking Games - Security vs Productivity and Operational Efficiency 20230119
The Hacking Games - Security vs Productivity and Operational Efficiency 20230119
 
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05 Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
 
Microsoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 OverviewMicrosoft 365 eEnterprise E5 Overview
Microsoft 365 eEnterprise E5 Overview
 
API security
API securityAPI security
API security
 
Primendi Pilveseminar - Enterprise Mobility suite
Primendi Pilveseminar - Enterprise Mobility suitePrimendi Pilveseminar - Enterprise Mobility suite
Primendi Pilveseminar - Enterprise Mobility suite
 
Build Your Career With Sailpoint Training.pdf
Build Your Career With Sailpoint Training.pdfBuild Your Career With Sailpoint Training.pdf
Build Your Career With Sailpoint Training.pdf
 
Arx brochure - Intellect Design
Arx brochure - Intellect DesignArx brochure - Intellect Design
Arx brochure - Intellect Design
 
NIC 2017 Azure AD Identity Protection and Conditional Access: Using the Micro...
NIC 2017 Azure AD Identity Protection and Conditional Access: Using the Micro...NIC 2017 Azure AD Identity Protection and Conditional Access: Using the Micro...
NIC 2017 Azure AD Identity Protection and Conditional Access: Using the Micro...
 
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
 

Recently uploaded

Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesPhilip Schwarz
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEOrtus Solutions, Corp
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptkotipi9215
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)OPEN KNOWLEDGE GmbH
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfAlina Yurenko
 
software engineering Chapter 5 System modeling.pptx
software engineering Chapter 5 System modeling.pptxsoftware engineering Chapter 5 System modeling.pptx
software engineering Chapter 5 System modeling.pptxnada99848
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Andreas Granig
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based projectAnoyGreter
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmSujith Sukumaran
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...Christina Lin
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataBradBedford3
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEEVICTOR MAESTRE RAMIREZ
 
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaHanief Utama
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - InfographicHr365.us smith
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxTier1 app
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 

Recently uploaded (20)

Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a seriesFolding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a series
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.ppt
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
 
software engineering Chapter 5 System modeling.pptx
software engineering Chapter 5 System modeling.pptxsoftware engineering Chapter 5 System modeling.pptx
software engineering Chapter 5 System modeling.pptx
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based project
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalm
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEE
 
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief Utama
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - Infographic
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 

Microsoft-Entra-Identity-and-Access-presentation.pdf

  • 1. Microsoft Entra Secure access for a connected world
  • 2.
  • 3.
  • 4. Azure Active Directory Microsoft Entra Permissions Management Microsoft Entra Verified ID Microsoft Entra Identity Governance Microsoft Entra Workload Identities Microsoft Entra
  • 5.
  • 6. Microsoft - Consistently recognized as a Leader by industry analysts Microsoft Entra Source: Gartner Magic Quadrant for Access Management, November 2022 Source: IDC MarketScape Worldwide Advanced Authentication for Identity Security, 2021
  • 7. Azure Active Directory Microsoft Entra Permissions Management Microsoft Entra Verified ID Microsoft Entra Identity Governance Microsoft Entra Workload Identities Microsoft Entra
  • 10.
  • 11. Protect your users, apps, workloads, and devices. Seamless user experiences Unified identity management
  • 12.
  • 13.
  • 14.
  • 15.
  • 16. Secure adaptive access Unified identity management Protect your users, apps, workloads, and devices.
  • 17.
  • 18. ZAPIER GITHUB ADOBECREATIVE CLOUD WORKDAY LUCIDCHART MYDAY CORNERSTONE ONDEMAND ATLASSIAN JIVE NETSUITE BENEFITS BOX TERRAFORM CLOUD DROPBOX BUSINESS SUCCESS FACTORS MARKETO COMPANY STORE BLACKBOARD LEARN SAP ANALYTICS CLOUD CISCO ANYCONNECT FRESHSERVICE
  • 19.
  • 20.
  • 21.
  • 22. Secure adaptive access Seamless user experiences Protect your users, apps, workloads, and devices.
  • 23.
  • 24.
  • 25.
  • 26.
  • 27. Azure Active Directory Microsoft Entra Permissions Management Microsoft Entra Verified ID Microsoft Entra Identity Governance Microsoft Entra Workload Identities Microsoft Entra
  • 28. Multicloud adoption brings new permission challenges Exponential growth of identities, machines, functions, and scripts operating in the cloud infrastructure >50% of permissions are high-risk and can cause catastrophic damage >90% of identities are using <5% of permissions granted
  • 29.
  • 30. A new, dynamic approach Grants permissions based on job roles and responsibilities Permission clean-up is done manually on an as-need basis IAM admins manually grant permissions which are not time-bound Grants permissions based on historical usage and activity Allow temporary access to high-risk permissions on-demand Continuously monitor and right-size identities to prevent privilege creep Grants permissions based on job roles and responsibilities Permission clean-up is done manually on an as-need basis IAM admins manually grant permissions which are not time-bound Today’s static, outdated approach
  • 32.
  • 35. with customizable alerts machine learning- based anomaly detections detailed reports and cyber kill chain analysis
  • 36. Azure Active Directory Microsoft Entra Permissions Management Microsoft Entra Verified ID Microsoft Entra Identity Governance Microsoft Entra Workload Identities Microsoft Entra
  • 37. 25.6billion attempts to hijack enterprise customer accounts detected and blocked by Microsoft from Jan – Dec 2021. Identity & Access Management Trends & Challenges People don’t own their identity data Individuals lack visibility on how their data is used, and how to get it back Regulations are increasing 65% of the world’s population will be covered by privacy regulations by 2023 Modern workplace is hybrid Remote identity proofing processes are unsatisfactory for 82% of organizations Identity is the New Battleground, Cyber Signals, February 2022
  • 38.
  • 39.
  • 40.
  • 41.
  • 43.
  • 44. Azure Active Directory Microsoft Entra Permissions Management Microsoft Entra Verified ID Microsoft Entra Identity Governance Microsoft Entra Workload Identities Microsoft Entra
  • 45. Identity Can auditors verify that the controls are working? 04 Are there effective organizational controls for managing access? 03 What are they doing with that access? 02 Who has/should have access to which resources? 01 Access Recertification Secure privileged access for administration Access Lifecycle Management Onboarding / Provisioning
  • 46.
  • 47.
  • 48.
  • 49. Single sign-on and outbound provisioning
  • 50. Manage users by automating Joiner/Mover*/Leaver processes * To be supported in future
  • 51. Azure Active Directory Microsoft Entra Permissions Management Microsoft Entra Verified ID Microsoft Entra Identity Governance Microsoft Entra Workload Identities Microsoft Entra
  • 52.
  • 53. Difficult to manage workload identity lifecycle: Many traditional IAM capabilities do not apply to workload identities Higher potential for secrets or credentials to leak: How to ensure that workload identities are not breached Lacking capabilities for securing access: How to remove unnecessary or overprivileged access
  • 54. Sources: Internal Microsoft marketing research 2021, CloudKnox 2021 Solutions that improve access management for non-human entities 1:20 in five years 1:5 today - User Identity - Workload Identity
  • 55. Workload Identities An identity and access management (IAM) solution that manages and secures access by applications and services.
  • 56. Support for Conditional Access policies applied to workload identities. Define the conditions under which a workload may access a resource. Enables blocking workload identities from outside of trusted IP ranges, such as a corporate network public IP ranges. Conditional Access for workload identities
  • 57. Support identity protection capabilities, such as detecting, investigating and remediating, to workload identities. Detect risk on workload identities across sign- in behavior and offline indicators of compromise. Enable applying risk-based conditional access to workload identities. Identity protection for workload identities
  • 58. Reduce the risk associated with stale role assignment by configuring recurring reviews of workload identities Delegate the reviews to the right people, then automatically revoke access of the denied workload identities. Access reviews for workload identities
  • 59.
  • 60. Azure Active Directory Microsoft Entra Permissions Management Microsoft Entra Verified ID Microsoft Entra Identity Governance Microsoft Entra Workload Identities Microsoft Entra
  • 61. © Copyright Microsoft Corporation. All rights reserved.