Skip to main content Why Microsoft Security AI-powered cybersecurity Cloud security Data security & governance Identity & network access Privacy & risk management Security for AI Unified SecOps Zero Trust Microsoft Defender Microsoft Entra Microsoft Intune Microsoft Priva Microsoft Purview Microsoft Sentinel Microsoft Security Copilot Microsoft Entra ID (Azure Active Directory) Microsoft Entra Agent ID Microsoft Entra External ID Microsoft Entra ID Governance Microsoft Entra ID Protection Microsoft Entra Internet Access Microsoft Entra Private Access Microsoft Entra Permissions Management Microsoft Entra Verified ID Microsoft Entra Workload ID Microsoft Entra Domain Services Azure Key Vault Microsoft Sentinel Microsoft Defender for Cloud Microsoft Defender XDR Microsoft Defender for Endpoint Microsoft Defender for Office 365 Microsoft Defender for Identity Microsoft Defender for Cloud Apps Microsoft Security Exposure Management Microsoft Defender Vulnerability Management Microsoft Defender Threat Intelligence Microsoft Defender Suite for Business Premium Microsoft Defender for Cloud Microsoft Defender Cloud Security Posture Mgmt Microsoft Defender External Attack Surface Management Azure Firewall Azure Web App Firewall Azure DDoS Protection GitHub Advanced Security Microsoft Defender for Endpoint Microsoft Defender XDR Microsoft Defender for Business Microsoft Intune core capabilities Microsoft Defender for IoT Microsoft Defender Vulnerability Management Microsoft Intune Advanced Analytics Microsoft Intune Endpoint Privilege Management Microsoft Intune Enterprise Application Management Microsoft Intune Remote Help Microsoft Cloud PKI Microsoft Purview Communication Compliance Microsoft Purview Compliance Manager Microsoft Purview Data Lifecycle Management Microsoft Purview eDiscovery Microsoft Purview Audit Microsoft Priva Risk Management Microsoft Priva Subject Rights Requests Microsoft Purview Data Governance Microsoft Purview Suite for Business Premium Microsoft Purview data security capabilities Pricing Services Partners Cybersecurity awareness Customer stories Security 101 Product trials How we protect Microsoft Industry recognition Microsoft Security Insider Microsoft Digital Defense Report Security Response Center Microsoft Security Blog Microsoft Security Events Microsoft Tech Community Documentation Technical Content Library Training & certifications Compliance Program for Microsoft Cloud Microsoft Trust Center Security Engineering Portal Service Trust Portal Microsoft Secure Future Initiative Business Solutions Hub Contact Sales Start free trial Microsoft Security Azure Dynamics 365 Microsoft 365 Microsoft Teams Windows 365 Microsoft AI Azure Space Mixed reality Microsoft HoloLens Microsoft Viva Quantum computing Sustainability Education Automotive Financial services Government Healthcare Manufacturing Retail Find a partner Become a partner Partner Network Microsoft Marketplace Marketplace Rewards Software development companies Blog Microsoft Advertising Developer Center Documentation Events Licensing Microsoft Learn Microsoft Research View Sitemap
Real people. IT professionals. Full service IT consulting firm harnesses ever-changing technology to solve complex business challenges.
  • News
  • 4 min read

Deliver productive and seamless user experiences with Azure Active Directory

By , President, Identity & Network Access

Content types

Products and services

Topics

Several months into the COVID-19 pandemic, many of us are still working remotely, and our organizations are still adjusting. Top of mind for every IT leader in this current landscape is meeting users’ needs for seamless access to resources while safeguarding the business from cyber threats. The highest priority for identity decision-makers, according to a recent study commissioned by Microsoft, is enabling highly productive user experiences.

I recently participated in a webcast on this topic with Rob O’Regan, global content director of IDG, and Bob Bragdon, senior vice president and managing director at CSO. We discussed the security perimeter of remote work and how a security strategy with identity at its foundation both reduces risk and improves productivity. You can watch the full webcast here. I’ve summarized my takeaways from the discussion below.

Identity is the foundation for your Zero Trust security strategy

Even before so many people started working from home earlier this year, the traditional corporate network perimeter had disappeared. People were already getting their work done using a variety of devices and software as a solution (SaaS) applications. Boundaries hindering digital collaboration were falling away. During this shift, identity became the control plane for security, because it provides effective access control to all digital resources for all users, including users who may be partners, customers, or even devices or bots. Identity solutions also give IT managers visibility into their entire digital estate.

In our interconnected world, relying on the old paradigm of corporate firewalls and VPNs isn’t an effective approach to enabling and securing remote work. That’s why many organizations accelerated their digital transformation plans once COVID-19 hit. For organizations like these, Zero Trust—with identity as the foundation—represents a stronger security strategy, as well as a worldview more in line with current times. It replaces the assumption that everything behind the corporate firewall is safe and trustworthy with three simple principles: verify explicitly, use least-privileged access, and assume breach. A Zero Trust approach validates all touchpoints in a system—identities, devices, and services—before considering them trustworthy.

Image

Seamless access to applications improves employee productivity

A good first step away from traditional perimeter-based defenses and toward an identity-based security framework is connecting all your apps to a single cloud identity solution like Azure Active Directory (Azure AD). This allows your employees to sign in to all their work apps with one set of credentials using single sign-on (SSO). Through centralized experiences like the My Apps portal, they can easily discover and access all the applications they need, including Office 365 apps; SaaS apps, including Adobe, Service Now, Workday; on-premises apps; and even custom-built lines of business apps.

Image

Getting secure access to apps doesn’t have to be a cumbersome experience that sacrifices workforce productivity. Take passwords, one of the biggest roadblocks to secure and productive access. For years, the security community has told users to create a unique and complex password for each account—and to change their passwords frequently. But, to make their lives easier, people often reuse passwords or choose ones that are easy to remember, which makes them easy for attackers to guess. Passwordless technology is more user friendly and secure than traditional account access models.

Unifying access management with a single cloud identity solution reduces costs

Companies dealing with pandemic-induced budget constraints are seeking efficiencies. A survey we ran earlier this year found that customers have, on average, up to nine identity solutions, all from separate vendors. As you can imagine, running multiple disparate solutions is not only complicated but also expensive.

Earlier this year, we commissioned a study with Forrester to analyze the economic benefits of securing all users, devices, and apps using a single identity solution. The results: customers who secure all their apps with Azure AD can achieve an ROI of 123 percent by retiring on-premises infrastructure, preventing data breaches, and reducing helpdesk costs.

Users also benefit since they no longer have to navigate different identity systems or sign-in separately to every application. In fact, Forrester estimated that using a single identity solution saves each employee 10 minutes a week on average, which amounts to almost nine hours a year per employee.

Image

A cloud-based identity solution offers unique security benefits

When you use a cloud-based identity solution, cloud-based intelligence helps protect your users against account compromise. Every day, Microsoft machine learning algorithms work behind the scenes to identify risky activities and compromised users by combing through over 170 terabytes of data, including signals from billions of monthly authentications across Azure AD and Microsoft accounts.

Our Azure AD Identity Protection solution, with real-time continuous detection, can alert you to suspicious sign-in behavior and automatically respond to prevent the abuse of compromised identities. For example, it detects “impossible travel,” which happens when the same user account attempts to sign-in from different physical locations in a time period too short to accommodate physical travel from one location to the other. Depending on the policy you set, the system can invoke a password reset or require multifactor authentication, and revoke all existing access tokens. But you can only strengthen your security posture with these detections and automated remediations—especially as the threat landscape evolves—if your identities are in the cloud.

Watch the full webcast with IDG

To learn more about how an identity-based framework reduces risk and improves productivity, be sure to watch the full webcast, then visit our secure access webpage to get started.

To learn more about Microsoft Security solutions visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

Headshot of Joy Chik.

Joy Chik

President, Identity & Network Access

Joy Chik leads Microsoft’s multi-billion-dollar security business, Microsoft Entra, which empowers customers to stay safe in a hybrid, multi-cloud, and multi-device world. The Microsoft Entra Suite integrates industry leading tools for identity governance, identity protection, and verifiable credentials, and establishes a robust Zero Trust identity and access controls framework. Joy spearheads innovation across Microsoft’s security portfolio, integrating AI into identity and security solutions and enabling end-to-end scenarios with Microsoft 365 Copilot, Copilot Studio, LinkedIn, and Azure AI Foundry. Joy also leads the Microsoft Secure Future Initiative (SFI) engineering work which is shaping the company’s security strategy and mindset at a global scale.

See Joy Chik posts

Related posts

Get started with Microsoft Security

Protect your people, data, and infrastructure with AI-powered, end-to-end security from Microsoft.

Learn how

Connect with us on social

Surface Pro Surface Laptop Surface Laptop Studio 2 Copilot for organizations Copilot for personal use AI in Windows Explore Microsoft products Windows 11 apps Account profile Download Center Microsoft Store support Returns Order tracking Certified Refurbished Microsoft Store Promise Flexible Payments Microsoft in education Devices for education Microsoft Teams for Education Microsoft 365 Education How to buy for your school Educator training and development Deals for students and parents AI for education
Microsoft AI Microsoft Security Dynamics 365 Microsoft 365 Microsoft Power Platform Microsoft Teams Microsoft 365 Copilot Small Business Azure Microsoft Developer Microsoft Learn Support for AI marketplace apps Microsoft Tech Community Microsoft Marketplace Marketplace Rewards Visual Studio Careers About Microsoft Company news Privacy at Microsoft Investors Diversity and inclusion Accessibility Sustainability
English (United States)
Your Privacy Choices Opt-Out Icon Your Privacy Choices
Consumer Health Privacy Sitemap Contact Microsoft Privacy Manage cookies Terms of use Trademarks Safety & eco Recycling About our ads