With Entra, Microsoft unifies access management ‘silos’

The identity and access management suite combines security, multi-cloud management, and a kind of digital wallet

Security: Great.

Permissions management: Sounds good.

Decentralized identity: Not sure exactly what that is yet, but I like it, I like it.

With its newly announced product suite Entra, Microsoft is bringing together these individual pillars of identity and access management—threat detection, multi-cloud handling, and credential approval—into one portfolio.

The three parts of the one Entra-ty:

Identity security: Microsoft’s Azure Active Directory flags anomalous access patterns and offers single sign-on, multifactor authentication, and conditional access. With a level of automation, admins can control and authorize access to apps and data for specific users.

Multicloud management: Formerly known as CloudKnox Permissions Management, the rebranded product is scratching out that first part and going with Entra Permissions Management, which will be offered as a standalone product in July 2022. The cloud infrastructure entitlement manager, or CIEM, helps users access an organization’s many off-premises environments. “Through one unified pane of glass, you can manage Google Cloud permissions and Azure permissions and AWS permissions,” Vasu Jakkal, Microsoft’s CVP of security, compliance, identity, management and privacy, told IT Brew.

That unified window, a Permissions Management Dashboard, includes a dropdown list of authorized systems (Azure, AWS, GCP) and folders, along with a funny-sounding “Permission Creep Index.” Not a phonebook of IT’s most eccentric and obnoxious, the Creep Index uses a range of factors to determine an unnecessary accumulation of access rights.

Decentralized identity: Rebranded from Azure Active Directory Verifiable Credentials, Entra Verified ID acts as a kind of digital wallet, according to Jakkal. Each verifiable credential is a signed container of identity data from an authoritative source—the issuer.

A user then chooses to share that credential with another entity: the verifier. The “decentralized” idea, available in August, brings together privacy and identity as new digital technologies emerge, Jakkal said: “Think metaverse and all of these new concepts which are coming into being. You need that trust fabric, and I think that's where privacy and identity are going to have to connect together.”

The unified Entra portal aims to merge the above components of identity and access management—features that had been provided separately.

“The real unifying idea of Entra is none of these should be siloed and different things. They all need to be connected,” said Jakkal.—BH

Do you work in IT or have information about your IT department you want to share? Email [email protected] or DM @BillyHurls on Twitter.


About the author

Billy Hurley

Billy Hurley has been a reporter with IT Brew since 2022. He writes stories about cybersecurity threats, AI developments, and IT strategies.
