Microsoft Entra ID Reviews

My use cases for Microsoft Entra ID mainly include single sign-on, PIM, and conditional access policies.

The integration of Microsoft Entra ID and its ease of use is helpful for my company. Being included with our Microsoft 365 licensing makes it a much more affordable solution than Okta, for example.

The implementation of Microsoft Entra ID has positively impacted secure access to apps or resources in my environment because it makes them more secure. There are many services that don't support MFA, but adding SSO through Microsoft Entra ID adds MFA and allows us to enforce all of our conditional access policies.

My main use cases for Microsoft Entra ID are that the whole back office platform is based on it. We're using Teams or other tools for our day-to-day usage of Microsoft Entra ID.

The features of Microsoft Entra ID that I appreciate most include security. I find security essential. It's my job and main concern to use a secure platform, and it is also the way that we serve Microsoft customers to make their solution more secure.

The implementation of Microsoft Entra ID has had a positive impact on my secure access to apps or resources in my environment. Generally, productivity is much higher with Microsoft Entra ID than before when we were using the previous platform. I can't give exact metrics, however, I can roughly say that my productivity increased by about 25%.

Microsoft Entra ID's integration capabilities have influenced my zero trust model in that we can onboard users from day one without a password or password reset or complication. On behalf of my customers and Microsoft customers, since Microsoft Entra ID became part of my company, they onboard their staff in a more secure and more convenient way, with less cost. We save lots of cost for them for onboarding their new users. 

Since implementing Microsoft Entra ID, regarding changes in the frequency and nature of identity-related security incidents, when you trust a platform, your hesitation and investigation for incidents is going to be less. Though I can't say an exact number or percentage, I can clearly feel our efforts on incidents are much less than before. Our organization's approach to defending against token theft and nation-state attacks has not changed significantly since implementing Microsoft Entra ID, as we have a big concern about token theft yet know we cannot do anything. We just passively watch the market and expect Microsoft to help us with some solutions, as this is our major concern.

We have not encountered any verified threat actor IP in Microsoft Entra ID protection or any attacker in the middle detection. The features of Microsoft Entra ID benefit my company by saving costs and increasing productivity. These are two major things I can remember. With the Microsoft Entra ID platform, our company productivity is much higher, the performance is much higher, and it means that at the end of the day, we do the job with fewer people, saving costs.

We primarily use Microsoft Entra ID for application registration, especially for Software as a Service applications, which are prevalent in managing the power grid. These applications support various needs, such as managing contingent workers in our 24/7 operation. While we still utilize some on-premise applications, we prioritize cloud-based solutions for their high availability and accessibility. Furthermore, we are actively exploring B2B collaboration features in Entra ID to manage guest accounts, which offers significant cost savings on licensing and enhances ease of use for external users. Optimizing guest access privileges is a compelling business case for utilizing Entra ID effectively.

Microsoft Entra ID has helped by simplifying our management of permissions for APIs. We are not directly exposing credentials, as we use tokens instead. It has made management easier and more secure, especially in a multi-user environment.

The implementation of Microsoft Entra ID significantly improved secure access to applications and resources in our environment, primarily through the widespread use of single-sign-on. Managing API permissions became much easier, as application registration often involves calling an API to utilize services without directly exposing credentials, relying instead on token-based authentication. This streamlined approach benefits end-users by simplifying access while remaining transparent to them. Ultimately, my role focuses on ensuring a smooth and user-friendly experience, even if the underlying technology remains unseen by the end-users.

Our company strongly emphasizes passwordless authentication, primarily through device-bound passkeys in Microsoft Authenticator. While administrators with high-privileged accounts utilize YubiKeys and passwords for tasks like accessing Microsoft Graph, we are actively transitioning all other users towards passwordless methods such as Windows Hello biometrics. This approach streamlines authentication and enhances security. Though initial deployment in 2022 presented challenges due to hardware limitations and the lingering effects of the COVID-19 pandemic, the technology has significantly improved and provides a simple and effective user experience.

I rely on Microsoft Entra ID for syncing customers' on-premises Active Directory to the Microsoft 365 stack. I also use it for managing multi-factor authentication and other enterprise applications for our customers.

Microsoft is at the core of any customer I work with. Microsoft is the core of their identity, communication, and business applications. Microsoft acts as a one-stop shop for calling, meetings, collaboration, AI, and business applications like Dynamics 365 and Outlook. Many services are bundled, providing potential cost savings for organizations.

Conditional access is an additional feature of Entra ID. It allows organizations to say that these devices are allowed to connect without MFA or with MFA and meet certain compliance standards based on what is set in Intune. There are a lot of things that can prevent devices from connecting to your environment unless certain conditions are met. That is a big thing around the security of Entra ID.

It helps allow devices regardless of having an active VPN connection. You can enable your remote employees to access corporate resources without having massive security walls. It not only allows those devices to connect to the network seamlessly, it also allows them to connect securely. It is not that they have unfettered access to your network. You are securing things down where they are only allowed access to certain resources.

The implementation of device-bound passkeys in Microsoft Authenticator helps with phishing-resistant authentication. It helps ensure that every employee that you have is actually that person. It ensures that they are entering the PIN from their phone via the Microsoft Authenticator app and they are who they are. Even if their password is compromised, you still have another level of security for device access. It is not just access to a phone. They have to have pass lock screen access and access to the Microsoft Authenticator app to approve those notifications and type in that secondary code. Requiring a user to enter a two-digit code that is showing on their screen ensures only authorized access. It has been helpful in all cases. I deal with multiple customers, and most of them have hit security issues due to people pressing a random authentication key as approved, not knowing what they are pressing, even though they know it is an authentication prompt. Having that ensures that they are who they say they are.

This constant reauthentication to applications helps with organization security. We are not letting you sign in once and remain signed in for 30 days. If that device gets compromised, your corporate security is at risk. Lowering that authentication threshold to every 24 hours or 12 hours and making a user reauthenticating helps to make sure that they are who they are.

Token Replay detection has a big impact in terms of malware. Some people click on random PDFs in their email attachments and things get through. This is happening even at a larger scale, for example with Linus Tech Tips. Someone clicked an email, and they clicked an application that ran the machine and gathered every authentication token for everything the user had access to. They happen to have access to their YouTube account and other things without MFA. Being able to detect if a token is being reused potentially from another IP, with a snap of a finger, is a great feature. If a token is compromised, you can block it.

Since implementing Entra ID, identity-related security incidents have gone down drastically. 

We implement standardized conditional access policies for our customers using Microsoft Entra ID, mainly for security, governance, and conditional access. We also sync on-premises Active Directory accounts to Microsoft Entra ID to manage groups and Azure resources like Azure Virtual Desktop.

We started our journey with Entra from a security standpoint, using features like PIM and Microsoft Defender for Cloud. It has improved our security posture, especially in healthcare, where security is paramount. We have to ensure that our data is secure for HIPAA compliance. 

It improves our user account management and initial access. We can see a lot of stuff using Microsoft Lighthouse because we're an MSP, so we use Lighthouse to gain visibility into the tenants and accounts. We can dive into the financial side and get reports. It's highly granular and easier from an organizing standpoint.

We use the Microsoft security stack, including Defender, Purview, etc., so we get a security score and recommendations on ways to fill in the gaps. We get some ideas on how to tweak the Entra tenant or the environment better. But we're following Microsoft's guidelines with reporting or recommendations.

We implemented FIDO 2.08 for phishing resistance, so we use security keys like the UBP. We're passwordless now. It depends on our customers' licensing, such as whether they have an E1 or E3 or whichever Microsoft 365 license they have. We're moving them to a passwordless architecture or, at minimum, improving phishing resistance with an MFA authenticator. 

We primarily use Entra to monitor risky users or detect questionable sign-ons. We get alerts if a user logs in outside a trusted location or from a different IP address we don't recognize. We have recommendations or conditional access policies to detect or block risky sign-ons. 

We had more risky log-ins detected than normal, so we updated our conditional access policies to say that if we see more risky log-ins in the next 24 hours, we'll lock it down in the next 12 hours to fine-tune the conditional access policies and that kind of stuff. We're trying to standardize or make everything the same, depending on pricing or cost. We're trying to move everybody to the standard baseline for just what we try to deploy for the next of this year. 

It's had a tremendous impact on our security. We can set granular permissions and different levels of access for various teams. We can govern the Entra side of the house or the Azure public cloud side and other teams like marketing, HR, finance, or any of those groups as needed. 

Entra helps us advance our zero-trust strategy. We have to follow CIS standards and HIPAA because we're in healthcare and PCI DSS. We're implementing Microsoft's best practices for their security framework. It makes a big difference when we're deploying new infrastructure for new clients and everything.

My job is to manage APIs on the enterprise end. We use Entra ID to limit contact with the end of the portal as much as possible. We have a lot of permissions that we don't want people to have, or we provide them with managed access. We also use Entra to manage application access. It tends to be blanket permissions, allowing an application total access.

Microsoft Entra ID drives our login and security perimeter, which is crucial for our organization. It has helped us implement multifactor authentication for most of our users despite the legacy systems in place. 

It is essential for supporting our aspiration towards a zero-trust model. It's driving our ambition to get serious about zero trust. We still have a lot of legacy systems that require support. 

Entra handles all the anti-phishing capabilities, and it's also helped us implement passwordless sign-in functionality. Now that we have MFA requirements and stuff like that, we're seeing identities flagged as risky because people are traveling. Sometimes people misuse credentials. It may not be malignant, but a group of people might share credentials. 

My primary use case for Microsoft Entra ID is service principal management for API access and infrastructure access to Azure and similar systems. We also use it for single sign-on into some applications, such as SAML and OIDC applications.

The features of Microsoft Entra ID that I find most valuable include the ability to define service principles and assign permissions. This aspect is valuable but also difficult to manage. This is because it gives teams permission to self-service and access the infrastructure. We can assign fine-grained permissions, so there is a proliferation of service principles. There are many of them, making it difficult for us to streamline management.

Joining devices with Entra ID and the integration of Intune is cool. It's an easy integration. We use a different MDM, but we are looking into Intune integration. If that works, things will be simple for us.

We use Microsoft Entra ID for risk management of our users and compliance policies. We focus on automating processes, managing user identities, and placing them in appropriate groups with specific access roles. 

We do a lot of risk management for our users. We have a lot of compliance policies and custom assignments. We try to automate as much as possible. There are a lot of policies that take our users, identify where they should be, what back roles they should have, and put them where they need to be.

The management and risk assessments have become much easier. We can identify and address potential security threats quickly, especially given our mobile college student population. We have a lot of college students who are very mobile. It works with our CyFlare and security suite. This integration lets us know right away when we have somebody trying to impersonate. We get the notification right away. We can assess our risk factors and automatically put that user in a high-risk area. We can then initiate a contact to know what is going on. Are they in Mexico and Davenport, Iowa at the same time or did they put a VPN in?

We have a much better level of comfort. Everybody does not have admin rights. We need such a level of control considering the number of users that are out there. We had to get that in a bundle, and they have done a good job with that.

Microsoft Entra ID has allowed us to move forward with the zero-trust model. Unless you have control over your users and your authentication mechanisms, you have no control. It is our main portal coming into our security suite. They would not get to the security suite till they got through Microsoft Entra ID.

We have just stepped into the passkey. We like its simplicity. Our users are much happier that they are not thumbprinting, fingerprinting, and typing code numbers in. We are still a little leery, just because it could be a stolen device or stolen pass. Once they have that device in their hand, they are already halfway there. Between Entra ID, our policies and risk assessments, and the passkey system, we are on our way.

Implementing Microsoft Entra ID has not changed our organization's approach to defending against token theft and nation-state attacks a whole lot. Our security team has things locked down, and we have our network segmented, so you cannot jump. We do penetration testing almost daily. We have Entra ID and Defender. We monitor all that through API connections. We monitor any phishing and risk factors for our users and any anomalies in baselines.

So far, we find it working very well in terms of the detections, the risks, the events, and the logs that it sends us. Intercepting these attacks in the middle, seeing that the keys have been hit, and going into a more managed identity has helped. It gives us a feeling of security.

There has not been any reduction in the incidents. We have the same number of incidents, maybe an increase. However, we are catching them, and we know where they are coming from, so we can be more proactive instead of reactive.