Microsoft Entra

Secure access for a connected world.

Azure Active Directory

Protect your users, apps, workloads, and devices.

Permissions Management

One unified model to manage permissions of any identity across any cloud.

Verified ID

Enable more secure interactions while respecting user privacy.

A few months ago Microsoft introduced us to Microsoft Entra as a new product family that encompasses all of Microsoft’s identity and access capabilities. The Entra family includes Microsoft Azure Active Directory (Azure AD), as well as two new product categories: Cloud Infrastructure Entitlement Management (CIEM) and decentralized identity. The products in the Entra family will help provide secure access to everything for everyone, by providing identity and access management, cloud infrastructure entitlement management, and identity verification.

Protect access to any app or resource

Safeguard your organization by protecting access to every app and every resource for every user.

Secure and verify every identity

Effectively secure every identity including employees, customers, partners, apps, devices, and workloads across every environment.

Provide only the access necessary

Discover and right-size permissions, manage access lifecycles, and ensure least privilege access for any identity.

Simplify the experience

Keep your users productive with simple sign-in experiences, intelligent security, and unified administration.


Azure Active Directory

Protect your users, apps, workloads, and devices.

Secure Adaptive Process

Protect access to resources and data using strong authentication and risk-based adaptive access policies without compromising user experience.

Seamless User Experiences

Provide an easy, fast sign-in experience across your multi-cloud environment to keep your users productive, reduce time managing passwords, and increase productivity.

Unified Identity Management

Manage all your identities and access to all your applications in a central location, whether they’re in the cloud or on-premises, to improve visibility and control.

Simplified Identity Governance

Control access to apps and data for all users and admins efficiently with automated identity governance to ensure only authorized users have access.

The goal of many IT leaders is to keep making access protection stronger while, at the same time, making everyday tasks easier for their users. This is about how people sign in, how often they have to sign in, and how the organization authenticates that users are who they say they are.

In our experience, the correct entry of a username and password is not a strong predictor of a genuinely authenticated person. In other words, just knowing the username and password doesn’t prove that I am who I say I am. If that’s true, how can this be improved? How do we get to a world that’s beyond passwords, beyond what we know are flawed technologies for proving authentication, and at the same time make it easier for end users?

It is equally important to understand how much control you really have over access: not only who is accessing what, but also whether those access control policies can change depending on various conditions.

For example, I might be a very trustworthy employee of Oakwood today, and I might be allowed to access certain sensitive information. Tomorrow, I might be a slightly less trustworthy employee, for a variety of reasons we’ll get into in a moment, and I might not be allowed to access that same information. Can your access control policies adapt to those changing conditions? Can you make decisions on the fly? This is a technique being championed by many industry experts and analysts.

Some experts refer to this as adaptive security. The identity space is the primary control point for such a capability.

Lastly, we ask: how do you protect user credentials? In this imperfect world where we do sometimes rely on username and password, this is really about keeping those credentials protected once they’re used, so that when they’re stored as part of an operating system session, for example, they can’t be hijacked by an attacker and then used to access other things that the genuine, legitimate user is not trying to access.

With all of the above being said, Microsoft’s approach to identity and access management is really threefold:

  • Secure authentication that is convenient for end users.
  • Conditional access to reach Zero Trust.
  • Identity protection: safeguarding those identities when they are used as part of an OS session or application session.

Permissions Management

One unified model to manage permissions of any identity across any cloud.

Discover

Get a comprehensive view of every action performed by any identity on any resource.

Remediate

Right-size permissions based on usage and activity and enforce permissions on-demand at cloud scale.

Monitor

Detect anomalous permission usage and generate detailed forensic reports.

Microsoft Entra Permissions Management aims to eliminate the complexity of multi-cloud environments and streamline permission management from a single unified platform.

CloudKnox Permissions Management fully supports multi-cloud, meaning that it works with all the major cloud service providers, including Google Cloud, AWS, and Microsoft Azure. With CloudKnox Permissions Management, we provide a comprehensive, streamlined view into every action performed by every identity on every resource, so that you can have a look at where your permission risks lie within your cloud infrastructure.

30% of IT Decision Makers (ITDMs) say that lack of centralized visibility is their biggest challenge when it comes to managing cloud privileged access. (Source: internal Microsoft research 2021)

To make this challenge easier, the CloudKnox Permissions Management dashboard gives you granular visibility into every action performed by every identity on every resource. These discoveries are reported in the ‘Permission Creep Index’, which is a single metric that evaluates the gap between permissions granted and permissions used. The higher the number of unused high-risk permissions, the higher the index score.

Once you identify the most critical permissions risks in your infrastructure, CloudKnox Permissions Management allows you to automate least privilege policy enforcement and right-size your permissions with just a few clicks.

For one-off scenarios when an identity needs to perform a certain set of actions on a set of specific resources, they can request those permissions in a just-in-time manner for a limited period with our self-service workflow. Once the specified time period is up, those permissions will automatically be revoked.

With so many security risks developing in this multi-cloud world, staying aware of your organization’s vulnerabilities is essential. CloudKnox Permissions Management’s machine learning-based anomaly detections will alert you to any suspicious activity. You can also set up customizable trigger alerts for a specific set of actions or resources to automate your monitoring and perform incident response.

Another way you can support rapid investigation and remediation is by generating fully customizable, context-rich forensic reports around identities, actions, and resources.

Verified ID

Enable more secure interactions while respecting privacy with an industry-leading global platform.

Fast remote onboarding

Validate identity information for trustworthy self-service enrollment and reduced time-to-hire.

More secure access

Quickly verify an individual’s credentials and status to grant least-privilege access with confidence.

Easy account recovery

Replace support calls and security questions with a streamlined self-service process to verify identities.

Custom business solutions

Easily build solutions for a wide range of use cases with our developer kit, APIs, and documentation.

92% of organizations perform identity verification today.

82% wish there was a better way.

[Figure: Microsoft Entra Verified ID]

The diagram above illustrates the participation of three parties in a verifiable credentials interaction. This solution automates verification of identity credentials and claims.

The verifier is an organization that requests proof and, upon receipt, verifies that the claims in the credentials satisfy its requirements. The user receives and approves the request, then presents credentials obtained from the issuer to the verifier. The credential claims are cryptographically signed with the user’s private key. The issuer is an organization that attests to claims and grants digitally signed credentials to the user. An ecosystem of organizations, workplaces, governments, schools, institutions, and individuals acts as trusted issuers and verifiers for verifiable credentials, with users granting permission and managing access through their digital wallet.
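
The three-party exchange described above, sketched as an added example (not Microsoft's code and not the Verified ID API): the issuer signs claims bound to the user's key, the user signs the presentation, and the verifier checks both signatures, a fresh nonce, and the required claims. The message layout, the `did:example:issuer` identifier, the nonce and all function names are assumptions made for illustration; it uses Ed25519 from Node.js built-in crypto.

```javascript
// Added example: issuer -> user -> verifier flow; all names and claims are constructed.
const nodeCrypto = require('node:crypto');

const sign = (obj, key) => nodeCrypto.sign(null, Buffer.from(JSON.stringify(obj)), key).toString('base64');
const check = (obj, sig, pub) =>
  nodeCrypto.verify(null, Buffer.from(JSON.stringify(obj)), pub, Buffer.from(sig, 'base64'));

// Issuer attests to claims and binds them to the user's public key.
function issueCredential(issuerKey, holderPub, claims) {
  const body = { issuer: 'did:example:issuer', claims,
                 holderKey: holderPub.export({ type: 'spki', format: 'pem' }) };
  return { body, issuerSig: sign(body, issuerKey) };
}

// User approves the verifier's request and signs credential + verifier nonce.
function present(credential, holderKey, nonce) {
  const body = { credential, nonce };
  return { body, holderSig: sign(body, holderKey) };
}

// Verifier: nonce freshness, issuer signature, possession of the bound key, claims.
function verifyPresentation(p, trustedIssuerPub, expectedNonce, required) {
  const { credential, nonce } = p.body;
  if (nonce !== expectedNonce) return 'stale-or-replayed';
  if (!check(credential.body, credential.issuerSig, trustedIssuerPub)) return 'bad-issuer-signature';
  const holderPub = nodeCrypto.createPublicKey(credential.body.holderKey);
  if (!check(p.body, p.holderSig, holderPub)) return 'holder-binding-failed';
  for (const [k, v] of Object.entries(required))
    if (credential.body.claims[k] !== v) return 'claims-not-satisfied';
  return 'ok';
}

function demo() {
  const issuer = nodeCrypto.generateKeyPairSync('ed25519');
  const holder = nodeCrypto.generateKeyPairSync('ed25519');
  const other = nodeCrypto.generateKeyPairSync('ed25519'); // not the key in the credential
  const vc = issueCredential(issuer.privateKey, holder.publicKey, { employee: true, dept: 'finance' });
  const nonce = nodeCrypto.randomBytes(16).toString('hex');
  const need = { employee: true };
  const good = present(vc, holder.privateKey, nonce);
  const tampered = JSON.parse(JSON.stringify(good));
  tampered.body.credential.body.claims.dept = 'admin'; // claim edited after issuance
  return {
    valid: verifyPresentation(good, issuer.publicKey, nonce, need),
    replayed: verifyPresentation(good, issuer.publicKey, 'different-nonce', need),
    wrongKey: verifyPresentation(present(vc, other.privateKey, nonce), issuer.publicKey, nonce, need),
    tampered: verifyPresentation(tampered, issuer.publicKey, nonce, need),
  };
}
console.log(demo());
```

The verifier accepts only the presentation signed by the key named in the credential; a reused presentation, a credential presented under a different key, and a credential whose claims were altered after issuance are each rejected with a distinct reason.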

