News

Microsoft Developing 'Converged' Identity Platform Built on Entra

Microsoft this week sketched out its preliminary plans for building an identity access management platform to help organizations bridge gaps in their cloud security.

In a blog post Wednesday, Microsoft's Joseph Dadzie described the challenges organizations face as their end users get more dispersed and remote. For instance, he noted, they're being tasked with balancing users' near-constant cloud access with ensuring round-the-clock security of their infrastructures.

"As businesses expand, organizations inevitably face challenges of overprovisioning at various levels. Initially, this manifests as granting more access to accommodate growing teams and workloads and can lead to overlapping access privileges. To address these issues, organizations must proactively identify vulnerabilities in identities and permissions and respond swiftly and, eventually, automatically," wrote Dadzie, who is the partner director of product management at Microsoft.

"There's a pressing need for a new solution that empowers all identities to access resources in any cloud securely while adhering to least-privileged permissions."

Microsoft's answer, he indicated, is a forthcoming platform that will build on the company's existing Entra capabilities, such as Permissions Management (CIEM), Privileged Identity Management (PAM), ID Governance (IGA) and Workload Identity (IAM for workloads). Additionally, Microsoft will employ AI and machine learning to enhance these technologies, helping organizations uncover difficult-to-detect risks and propose effective remediation strategies.

The new platform, which does not have a current release window, will focus on the following four areas:

  • Visibility: Insights into all identities and permissions, detecting risky permissions.
  • Risk Remediation: Recommendations for addressing risky permissions.
  • Granular Controls: Appropriate privileges for specific roles and durations.
  • Automated Governance: Continuous compliance through automated policies

Though a work-in-progress, Microsoft said platform marks a significant step in its efforts to provide robust security solutions for the digital landscape. The company will continue to provide updates on its progress and encourages organizations to explore Microsoft Entra ID Governance and Permissions Management as foundational elements of their cloud access management strategies.

More Entra News
Earlier this month, Microsoft made a handful of Entra security announcements, including:

Expanded Passkey Support. Microsoft Entra ID now supports device-bound passkeys in the Microsoft Authenticator app for iOS and Android. Passkeys are phishing-resistant and adhere to the W3C WebAuthN standard.

External Authentication Methods. Microsoft Entra ID now supports external authentication methods, allowing integration with various MFA providers. This flexibility helps meet diverse security requirements while maintaining a unified identity management system.

General Availability of Microsoft Entra External ID. Microsoft Entra External ID, a CIAM solution designed for partners, business customers and consumers, hit general availability on May 15. It aims to secure all identities, streamline collaboration and accelerate the development of secure applications.

Integration with Microsoft Defender for Cloud. The integration of Microsoft Entra Permissions Management with Microsoft Defender for Cloud, now available, enhances cloud security by providing visibility and recommendations for managing permissions across multiple cloud platforms.

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.

Featured

  • Microsoft Offers Support Extensions for Exchange 2016 and 2019

    Microsoft has introduced a paid Extended Security Update (ESU) program for on-premises Exchange Server 2016 and 2019, offering a crucial safety cushion as both versions near their Oct. 14, 2025 end-of-support date.

  • An image of planes flying around a globe

    2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • Notebook

    Microsoft Centers AI, Security and Partner Dogfooding at MCAPS

    Microsoft's second annual MCAPS for Partners event took place Tuesday, delivering a volley of updates and directives for its partners for fiscal 2026.

  • Microsoft Layoffs: AI Is the Obvious Elephant in the Room

    As Microsoft doubles down on an $80 billion bet on AI this fiscal year, its workforce reductions are drawing scrutiny over whether AI's ascent is quietly reshaping its human capital strategy, even as official messaging avoids drawing a direct line.