Get in Touch
Published: 1st August 2023 | In: Insights
Our resident identity practice lead, Ricky Simpson, attended the Reimagine secure access with Microsoft Entra event by Microsoft virtually earlier this month. Here are his main takeaways from the keynote.
Farewell Azure Active Directory
Since the introduction of the Entra product family last year, Microsoft have released new products and services under the Entra moniker, such as Microsoft Entra Permissions Management. The one product left in the family was Azure Active Directory, or Azure AD. To aid in simplicity, Azure AD will now be rebranded to Microsoft Entra ID. All capabilities, entitlements, APIs, sign-in URLs and licensing plans will remain the same, but as from July 11th, 2023, Microsoft Entra ID will be the new name for Azure AD. This includes Azure AD Identity Protection (AAD IP), which has now become Microsoft Entra ID Protection. Expect these changes to be reflected in consoles, user interfaces and documentation pages soon, with the complete rebrand targeted to conclude before the end of the calendar year.
New methods for secure access, from anywhere
Microsoft announced two brand-new Security Service Edge products to aid in making it easier to secure access to any app or resource. Microsoft Entra Internet Access and Microsoft Entra Private Access.
Microsoft Entra Internet Access secures any identity’s access to internet resources, Software-as-a-Service (SaaS) and Microsoft 365 apps. Effectively, a Secure Web Gateway (SWG) solution, it unifies controls to close security gaps and minimises the risk of cyber threats but simplifies and modernises the process at the same time.
Microsoft Entra Private Access helps secure access to all private apps and resources by implementing a Zero Trust Network Access (ZTNA) solution. This cloud scalable solution allows customers to remove the risk and operational overhead of VPNs, whilst vastly improving the user experience and making it more seamless than ever for authorised users to access the resources they need, from anywhere.
Refreshed Microsoft Entra landing page
Partly driven by the continuous introduction of new products in the Entra family, and party due to the major rebrand of Azure AD described above, the admin center for Entra (entra.microsoft.com) has been updated to reflect all new product names and gives identity admins a single place to bookmark for accessing the products, features and tools they need. Here’s a screenshot of how the console now looks:
Finally, some improved functionality was announced in the identity governance space – now formally called Microsoft Entra ID Governance. These tools give customers the ability to standardise and maintain access to resources for both internal users, and external collaborative guests. This is achieved by combining Access Packages – catalogues of standard apps, files, sites and teams, and Access Reviews, which monitors identity lifecycles within your organisation, and highlights where there may be overprovisioning of permissions, or a pesky guest account that may still be lingering about the environment, prime for an attacker to take over.
These processes can even be tied to some cloud-based HR platforms to support joiners, leavers, and movers (JLM) processes. For example, once someone has left the organisation, their account could be automatically stripped of all access, but still left active if IT needs to perform any manual task on the account after the person has left. IT can still perform their work, and the risk of the account being used for nefarious purposes is vastly reduced due to the limiting of access.
Overall, these announcements underpin Microsoft’s commitment to being a world-leader in identity and in security. Identity is the cornerstone of most security incidents – bad guys look for accounts they can take over and then for routes to laterally move in an environment. They’ll do this until they find an account with some elevated permissions or privileges, making it a lot tougher for threat hunters to squash their attempts. Implementing these new features and retiring legacy tools and products vastly improves security posture, and bullies hate companies improving their posture.
Please get in touch with Quorum Cyber if you’d like to chat about any of these newly announced features in detail, and how they can help protect your organisation.