Microsoft Issues 2025 Identity Security Best Practices

Microsoft has outlined key identity management strategies to help enterprises safeguard their data in 2025.

The key, according to the company, is to adopt "proactive defensive measures" to protect against growing AI-based attacks and widespread phishing campaigns. After consulting with its customers, Microsoft has identified three areas in which enterprises can harden their defenses.

Start Secure, Stay Secure and Prepare for New Cyberthreats
Organizations are encouraged to adopt the "secure by default" practice by enforcing multifactor authentication (MFA) and mitigating the risks associated with shadow IT and non-human identities.

"Reactive security isn't enough to safeguard your environment," said Microsoft's Joy Chik, president of Identity & Network Access at Microsoft. "Our guidance for 2025 is to always start at the highest level of security (Secure by Default), then dial back as needed for compatibility or other reasons. It’s also critical to protect all identities: employees, contractors, partners, customers, and, most importantly, machine, service, and AI identities."

Getting a handle on shadow IT is also important. Microsoft recommends that IT monitor for unauthorized apps and ensure those that are entering a network are secure by default.

To help with this, Microsoft has implemented tools like managed Conditional Access policies and phishing-resistant authentication that aim to reduce account compromises. Additionally, it has recently extended multifactor authentication requirements to more of its own services, like the Microsoft Azure and Intune portals.

Extend Zero Trust Access Controls to All Resources
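As an added example (not from the article or from Microsoft's guidance), the following Microsoft Graph PowerShell script shows the "start at the highest level, then dial back" pattern for one control: a Conditional Access policy that requires phishing-resistant MFA for all users and all apps, created in report-only mode so its impact can be reviewed in sign-in logs before enforcement. It assumes the Microsoft.Graph PowerShell SDK is installed, and the break-glass group name is a placeholder you must create in your own tenant.

```powershell
# Added example: report-only Conditional Access policy requiring phishing-resistant MFA.
# Assumes the Microsoft.Graph PowerShell SDK; "CA-BreakGlass-Exclusions" is a placeholder
# group that holds emergency-access accounts so a misconfiguration cannot lock out admins.
Connect-MgGraph -Scopes "Policy.ReadWrite.ConditionalAccess", "Policy.Read.All", "Group.Read.All"

$breakGlass = Get-MgGroup -Filter "displayName eq 'CA-BreakGlass-Exclusions'"
if (-not $breakGlass) {
    throw "Create the break-glass exclusion group before deploying this policy."
}

# Built-in Entra authentication strength "Phishing-resistant MFA"
# (FIDO2 security keys, Windows Hello for Business, certificate-based authentication).
$phishingResistantStrengthId = "00000000-0000-0000-0000-000000000004"

$policy = @{
    displayName   = "Require phishing-resistant MFA - all users (report-only)"
    # Secure-by-default target is "enabled"; start in report-only to measure impact,
    # then dial back scope (exclusions) only where compatibility requires it.
    state         = "enabledForReportingButNotEnforced"
    conditions    = @{
        users          = @{
            includeUsers  = @("All")
            excludeGroups = @($breakGlass.Id)
        }
        applications   = @{ includeApplications = @("All") }
        clientAppTypes = @("all")
    }
    grantControls = @{
        operator               = "OR"
        authenticationStrength = @{ id = $phishingResistantStrengthId }
    }
}

$created = New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
Write-Output "Created policy $($created.Id) in report-only mode."

# Next step, done manually: review the policy's report-only results in the Entra
# sign-in logs, add exclusions only for justified cases, then set state to "enabled":
# Update-MgIdentityConditionalAccessPolicy -ConditionalAccessPolicyId $created.Id -State "enabled"
```

Keep at least one emergency-access account in the excluded group and register phishing-resistant credentials for it separately, since the policy will otherwise block every sign-in path once enforced.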
Microsoft said the next consideration is to extend Zero Trust principles to all resources, including legacy systems and online applications. Automation, entitlement management and lifecycle workflows can help enforce least privilege access and protect against lateral movement during potential compromises.

Microsoft recommends employing the Microsoft Entra Suite for Zero Trust deployments, and tools like Microsoft Entra Private Access can be used to replace outdated VPN points of access.

Use Generative AI to Tip the Scales in Favor of Defenders
With so many new attacks using generative AI, it only makes sense to use the same technology to guard against them. One option is Microsoft Security Copilot, which Microsoft said helps reduce the average time to address a security risk by 30.1 percent. Chik also outlined some ways in which IT can employ AI in a proactive security strategy:

  • Enhance risky user investigations: Investigate identity compromises faster with AI-powered recommendations for proactive mitigation and defense. Use natural language conversations to investigate risky users and to gain insights into elevated risk levels and risky sign-ins.
  • Troubleshoot sign-ins: Use natural language conversations to uncover root causes of sign-in failures, interruptions, or multifactor authentication prompts. Automate troubleshooting tasks and let AI discover actionable insights across user details, group details, sign-in logs, audit logs, and diagnostic logs.
  • Mitigate app risks: Use intuitive prompts to manage and remediate application risks as well as gain detailed insights into permissions, workload identities, and cyberthreats.

Wanting to practice what it preaches, Chik outlined how the company has taken recent steps to strengthen its proactive security approach, including eliminating 730,000 outdated and noncompliant apps, along with 1.7 million unused or outdated Microsoft Azure Active Directory and Microsoft Entra ID systems from production and test environments.

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.