Microsoft Developing 'Converged' Identity Platform Built on Entra

Microsoft this week sketched out its preliminary plans for building an identity access management platform to help organizations bridge gaps in their cloud security.

In a blog post Wednesday, Microsoft's Joseph Dadzie described the challenges organizations face as their end users get more dispersed and remote. For instance, he noted, they're being tasked with balancing users' near-constant cloud access with ensuring round-the-clock security of their infrastructures.

"As businesses expand, organizations inevitably face challenges of overprovisioning at various levels. Initially, this manifests as granting more access to accommodate growing teams and workloads and can lead to overlapping access privileges. To address these issues, organizations must proactively identify vulnerabilities in identities and permissions and respond swiftly and, eventually, automatically," wrote Dadzie, who is the partner director of product management at Microsoft.

"There's a pressing need for a new solution that empowers all identities to access resources in any cloud securely while adhering to least-privileged permissions."

Microsoft's answer, he indicated, is a forthcoming platform that will build on the company's existing Entra capabilities, such as Permissions Management (CIEM), Privileged Identity Management (PAM), ID Governance (IGA) and Workload Identity (IAM for workloads). Additionally, Microsoft will employ AI and machine learning to enhance these technologies, helping organizations uncover difficult-to-detect risks and propose effective remediation strategies.

The new platform, which does not have a current release window, will focus on the following four areas:

  • Visibility: Insights into all identities and permissions, detecting risky permissions.
  • Risk Remediation: Recommendations for addressing risky permissions.
  • Granular Controls: Appropriate privileges for specific roles and durations.
  • Automated Governance: Continuous compliance through automated policies.

Though it is a work in progress, Microsoft said the platform marks a significant step in its efforts to provide robust security solutions for the digital landscape. The company will continue to provide updates on its progress and encourages organizations to explore Microsoft Entra ID Governance and Permissions Management as foundational elements of their cloud access management strategies.

More Entra News
Earlier this month, Microsoft made a handful of Entra security announcements, including:

Expanded Passkey Support. Microsoft Entra ID now supports device-bound passkeys in the Microsoft Authenticator app for iOS and Android. Passkeys are phishing-resistant and adhere to the W3C WebAuthn standard.

External Authentication Methods. Microsoft Entra ID now supports external authentication methods, allowing integration with various MFA providers. This flexibility helps meet diverse security requirements while maintaining a unified identity management system.

General Availability of Microsoft Entra External ID. Microsoft Entra External ID, a CIAM solution designed for partners, business customers and consumers, hit general availability on May 15. It aims to secure all identities, streamline collaboration and accelerate the development of secure applications.

Integration with Microsoft Defender for Cloud. The integration of Microsoft Entra Permissions Management with Microsoft Defender for Cloud, now available, enhances cloud security by providing visibility and recommendations for managing permissions across multiple cloud platforms.

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.