Earlier this month, Microsoft announced the release of the Microsoft Entra Suite; a collection of cutting-edge identity and access management capabilities designed to accelerate an organization’s journey to a Zero Trust security model.  

The Microsoft Entra Suite is comprised of the following components: 

• Microsoft Entra Private Access – A Zero Trust network access capability powered by Entra and Conditional Access 

• Microsoft Entra Internet Access – A Secure Web Gateway solution also powered by Entra and Conditional Access 

• Microsoft Entra ID Governance – Robust identity governance and management features to simplify the access to resources 

• Microsoft ID Protection – Detect, investigate and remediate identity-based risks and use real-time session or risk monitoring through Conditional Access  

• Microsoft Entra Verified ID (Premium capabilities) – A managed verifiable credential service based on open standards, and access to Face Check – a privacy-focused, real-time biometric check used to confirm an identity.  

Microsoft’s pedigree in both Identity and Security places them in a unique position to natively offer these capabilities in one place. The benefits of adopting the Microsoft Entra Suite include being able to control both identity and network security policies in one area: Conditional Access. This is huge, as Identity is widely regarded as the security perimeter in a cloud-first age. Not having to fragment your control policies throughout multiple products or consoles means it’s less likely that gaps will be left for attackers to exploit.  

One of the biggest advantages of adopting Microsoft Entra Private Access is being able to protect legacy, on-premises systems and resources behind a modern, multi-factor authentication process; something that required expensive third-party solutions up until now.  

One of the core tenants of Zero Trust – using the least privilege necessary, is made easier with Microsoft Entra ID Governance. Workflows can be created that communicate with HR systems, and will provision, alter or remove access to resources and applications based on how your people join, leave or move around the organization. This means that permissions and privileges should be reflective of the role that person is performing, and that excessive permissions aren’t being accumulated over time – a quality that attackers find very attractive.  

Finally, this new offering from Microsoft offers organizations an opportunity to consolidate a wide range of identity and network security tools and solutions into a single SKU. The cost savings from consolidation alone would be significant but could be realized even more when considering that Microsoft Entra information is free to ingest into Microsoft Sentinel. Imagine not having to worry about spikes in VPN or SWG traffic inflating your ACR total in a busy month.   

These are exciting announcements from Microsoft, and as a key MSSP, Quorum Cyber can help you and your organization when it comes to planning to adopt these new technologies. Whether it’s help with a current state assessment of your Microsoft Entra environment, or help identifying what legacy tools or products could be phased out using the Microsoft Entra Suite, you can reach out to us for assistance any time.