Azure Key Vault vs Microsoft Entra ID comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo
605 views|446 comparisons
97% willing to recommend
Microsoft Logo
4,010 views|2,952 comparisons
94% willing to recommend
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Azure Key Vault and Microsoft Entra ID based on real PeerSpot user reviews.

Find out in this report how the two Microsoft Security Suite solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Azure Key Vault vs. Microsoft Entra ID Report (Updated: March 2024).
771,212 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The integration with other Azure services is one of the standout features for me. It allows us to use secrets from the Azure Key Vault seamlessly without direct interaction.Additionally, the ability to easily mark secrets for expiration and receive notifications is invaluable.""The solution does an excellent job of storing and retrieving our stored keys.""Its customer service is excellent.""The most valuable features of Microsoft Azure Key Vault are the security and convenience of changing passwords in multiple places.""The centralized storage and secure storage are features we like.""Considering the features provided by the product, I would say that the solution is available at a good price point.""Azure Key Vault's performance is excellent. It makes infrastructure management easier.""The access policy feature helps secure content and resources."

More Azure Key Vault Pros →

"The most valuable feature of Microsoft Entra ID is its security options, where we can provide highly effective security for user accounts during authentication.""It's definitely both stable and scalable.""The single sign-on across multiple platforms is really the true advantage here. That gives you one ID and password for access to all your systems. You don't need to manage a plethora of different user IDs and passwords to all the systems that you're going to access.""Many of its features are valuable, including: facilitating application authentication, privileged access management, processes for attestation, and access reviews.""Conditional Access, Geofencing, and Azure Multi-Factor Authentication are the major security features to secure resources.""We have about 80 users in the Azure Active Directory right now, however, we know that if it was necessary to scale it for hundreds or thousands of users, it wouldn't be a problem.""It's something we have to deal with every day. It is present. If you're in a domain environment, you'll need it to log in. If you work in a Microsoft-centric environment, you can't avoid it.""I like Entra's ability to integrate the Active Directory with third-party solutions. It's straightforward. I like the ability to define third-party systems and make the AD the primary identity provider."

More Microsoft Entra ID Pros →

Cons
"The solution's usage can be a little better from the user interface point of view.""The platform's configuration process could be easier.""Users should be able to segregate the passwords.""While the solution already does a great job of managing keys, the solution could probably look at maybe expanding more into mobile devices and endpoints.""There's room for improvement in cross-platform compatibility.""The voucher access policy can be improved by configuring it based on groups, rather than just applications or users.""We've experienced issues with configuration.""The initial setup could be less complex for first-time users."

More Azure Key Vault Cons →

"Four years ago, we had an issue with Azure AD. We wanted to reverse sync from Azure AD to on-prem Active Directory, but we couldn't achieve this. Azure AD could connect only in one way, for example, from your site to Azure. If you needed to do the reverse and connect from Azure to on-prem, there was no way to achieve it. We asked Microsoft, and they told us that they don't support it.""Azure AD could be more robust and adopt a saturated model, where they can offer unlimited support for a multi-cloud environment.""Microsoft should work on enhancing its machine-learning algorithm to prevent unnecessary lockouts of users.""Allowing for more customization would be very useful. There is a limited metadata capability. When you look at a user, there are only six pieces of information you can see, but organizations are way more complex, so having that metadata available and being able to use that for dynamic user groups and other policies would be very helpful.""Compared to what we can do on-prem, Azure AD lacks a feature for multiple hierarchical groups. For example, Group A is part of group B. Group B is part of group C. Then, if I put someone into group A, which is part of already B, they get access to any system that group B has access to, and that provisioning is automatically there.""Microsoft Authenticator is as easy as Google Authenticator, but it is not open to all types of applications. Google Authenticator is integrated with other third-party platforms and applications, whereas Microsoft Authenticator is not. It should have more integration with third-party platforms and applications.""The monitoring dashboard could be a bit better.""In terms of stability, sometimes the more applications you integrate, the more it becomes a little bit unstable."

More Microsoft Entra ID Cons →

Pricing and Cost Advice
  • "The cost of the Azure Key Vault is very high and the pricing model is based on the number of keys that you store and retrieve."
  • "The pricing is decent. It has a pretty low price. It is a straightforward cost based on usage."
  • "Pricing is quite reasonable and support is included, although premium support is available for an additional fee."
  • "Key Vault, like every Azure service, has a cost associated with it, but you don't have to spend thousands of dollars to spin up an environment to build a key management system. It's already there."
  • "The price of the solution is reasonable for what we are using it for."
  • "Azure is cheaper than CyberArk... CyberArk is good, but it's quite expensive."
  • "The price isn't high. Any sized organization could easily adopt it. The first 250 keys are available for $5 per month."
  • "The pricing is reasonable and flexible, especially for those already using Microsoft Azure Cloud services. There is a cost associated with retrieval and storage, which is a few dollars. Otherwise, the price can be customized according to requirements, such as how many keys need to be stored."
  • More Azure Key Vault Pricing and Cost Advice →

  • "The licensing cost is a bit prohibitive."
  • "The licensing is really not clear unless you are a premium client."
  • "Licensing is easy."
  • "It is a really nice tool and we have a license for the more complex model."
  • "It is not too expensive."
  • "It's really affordable."
  • "I do not have experience with pricing."
  • "Licensing fees are paid on a monthly basis and the cost depends on the number of users."
  • More Microsoft Entra ID Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Microsoft Security Suite solutions are best for your needs.
    771,212 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Azure Key Vault is a SaaS solution. You can easily store passwords and secrets securely and encrypt them. Azure Key Vault is a great solution to ensure you are compliant with security and governance… more »
    Top Answer:With Azure Key Vault, we can generate our own keys and then import them inside the system, which provides a higher level of security than provider-managed keys.
    Top Answer:Azure Key Vault is a very, very expensive solution. Currently, the solution's pricing is based on the number of transactions, which is very high in some cases.
    Top Answer:We switched to Duo Security for identity verification. We’d been using a competitor but got the chance to evaluate Duo for 30 days, and we could not be happier Duo Security is easy to configure and… more »
    Top Answer:It is very simple. The Active Directory functions are very easy for us. Its integration with anything is very easy. We can easily do third-party multifactor authentication.
    Ranking
    11th
    Views
    605
    Comparisons
    446
    Reviews
    32
    Average Words per Review
    424
    Rating
    8.8
    4th
    Views
    4,010
    Comparisons
    2,952
    Reviews
    83
    Average Words per Review
    920
    Rating
    8.7
    Comparisons
    Also Known As
    Microsoft Azure Key Vault, MS Azure Key Vault
    Azure AD, Azure Active Directory, Azure Active Directory, Microsoft Authenticator
    Learn More
    Interactive Demo
    Overview

    Microsoft Azure Key Vault is a cloud-based data security and storage service that allows users to keep their secrets safe from bad actors.

    Benefits of Microsoft Azure Key Vault

    Some of the benefits of using Microsoft Azure Key Vault include:

    • Secure your secrets in a single central location, enabling you to control how your information is disseminated.
    • Keep your data away from bad actors. Application administrators can store their application’s security information away from the actual application. Microsoft Azure Key Vault reduces the chance that a bad actor will be able to leak an application’s secrets. Because the data is not stored in the code of the application, hackers will be unable to steal the security information.
    • Retrieve your information securely. When the information is needed, the application can securely retrieve it by using a uniform resource identifier (URI) to connect to Microsoft Azure Key Vault.
    • Securely store your digital keys and secrets. Microsoft Azure Key Vault stores data behind layers of security protocol. No one can access the information stored in a Microsoft Azure Key Vault without first obtaining the necessary authentication and authorization. The authentication process allows the system to figure out who is trying to access the vault in question. This process is performed by Azure’s Active Directory. After the person or entity is authenticated, Microsoft Azure Key Vault then assigns them a level of authorization. This determines what sort of actions they will be able to perform.
    • Choose from two different authorization options. The level of a user’s authorization can be either role-based or dictated by a policy that the administrator sets. Azure’s role-based access control (Azure RBAC) enables users to both manage and access stored data. A key vault access policy limits users to data access.
    • Secure your data in the way that best fits your needs. Your data can be protected by either industry-standard algorithm software or hardware security modules (HSMs). Your data is even safe from Microsoft, as the vaults are designed so that not even Microsoft can get in and access the information.
    • Easily monitor who accesses your vault(s). Microsoft Azure Key Vault enables administrators to keep a close eye on their secrets. Users can activate a vault-logging feature that will track every piece of information. It will record who accessed the vault, when they accessed it, and other pertinent details.
    • Choose how you want to store your logs. Users can store logs in multiple ways. These logs can be archived, sent to the Azure monitor logs area, or streamed to an events hub. The logs can be secured to prevent unauthorized viewing and deleted when they are no longer needed.

    Reviews from Real Users

    Microsoft Azure Key Vault stands out among their competitors for a number of reasons. Two major ones are the overall robustness of the solution and its ability to protect and manage many different digital asset types. The many features that the solution offers allows users to tailor their experience to meet their specific needs. Its flexibility enables users to accomplish a wide variety of security and identity management related tasks. It empowers users to secure a wide array of assets. Users can keep many different types of secrets away from bad actors.

    A cloud architect at a marketing services firm writes, “All its features are really valuable. It's really well thought-out. It's a complete turnkey solution that has all the concerns taken care of, such as access control and management. You can use it in infrastructure as code to create key vaults, APIs, PowerShells, CLIs, even Terraform. You can also use it in different services across the board. If you have app services, or virtual machines, Kubernetes, or Databricks, they can all use Key Vault effectively. In my opinion, in a DevSecOps, DevOps, or even in a modern Azure implementation, you have to use Azure Key Vault to make sure you're addressing security and identity management concerns. By "identity" I mean usernames, passwords, cryptography, etcetera. It's a full-blown solution and it supports most breeds of key management: how you store keys and certify.”

    Roger L., the managing director of Cybersecurity Architecture at Peloton Systems, says, “The most valuable aspect of the product is its ability to keep our admin password accounts for keys and a lot of our high-value assets. It can manage those types of assets. So far, the product does a great job of managing keys.”

    Microsoft Entra ID, previously known as Azure AD (Active Directory), is Microsoft's cloud-based identity and access management (IAM) solution. Designed to help organizations of all sizes manage user identities and create an intelligent security perimeter around their cloud and on-premise resources. Microsoft Entra ID or Azure AD is integral to the Microsoft 365 and Azure ecosystems. It provides a robust set of capabilities to manage users and groups and secure access to applications in a centralized, streamlined manner.

    Microsoft Entra ID (Azure AD) is a login system, morphing into a sophisticated identity and access management (IAM) solution for the modern, hybrid workplace. Imagine a single vault for all your digital keys – that's the essence of Entra ID's identity management. It acts as a central repository for user identities, encompassing usernames, passwords, and even additional attributes like department or employee role.

    These capabilities enabled simplified administration using a unified platform for adding, modifying, and deleting user accounts. Users no longer need to remember login credentials for a plethora of applications. Entra ID streamlines access by using the same identity across various cloud services and on-premises resources (if integrated). Centralized identity management allows for stricter enforcement of security policies and password complexity requirements across the organization.

    Authentication sits at the heart of the solution, ensuring only authorized users gain access to sensitive resources. It employs a multi-pronged approach:

    • Password Authentication: The traditional method of username and password is still supported, but Entra ID encourages stronger authentication methods.
    • Multi-Factor Authentication (MFA): Adding an extra layer of security, MFA requires users to verify their identity beyond just a password – through a code sent to their phone, fingerprint recognition, or a security key.
    • Single Sign-On (SSO): This user-friendly feature eliminates the need to enter credentials repeatedly. Users sign in once to Entra ID and gain seamless access to all authorized applications, boosting productivity.
    • Conditional Access Policies: Providing granular control over how and when users can access resources. Based on conditions like user role, location, device state, and the application being accessed, Conditional Access policies help ensure that only the right people under the right conditions can access sensitive resources.
    • Seamless Integration: Seamless integration with thousands of SaaS applications, Microsoft 365, and on-premises applications via Application Proxy or third-party identity bridges.
    • Advanced Security Reports and Alerts: Sophisticated security monitoring, reporting tools, and automated alerts. These features enable to identify potential security issues, such as atypical behavior or attempted identity attacks, allowing for swift remediation actions.

    For organizations with on-premises infrastructure, Microsoft Entra ID (Azure AD) offers hybrid identity options. This allows for a smooth integration between on-premises Active Directory and Entra ID, providing a consistent identity for users across both environments. It enables organizations to leverage their existing investments in on-premises infrastructure while taking advantage of cloud scalability and flexibility.

    In conclusion, Microsoft Entra ID (Azure AD) is a comprehensive IAM solution that addresses the complex challenges of managing and securing identities in a cloud-centric world. Its blend of ease of use, security, and integration capabilities makes it an essential component of modern IT infrastructure, supporting both operational efficiency and strategic business objectives.

    Additional links:

        Sample Customers
        Adobe, DriveTime, Johnson Controls, HP, InterContinental Hotels Group, ASOS
        Microsoft Entre ID is trusted by companies of all sizes and industries including Walmart, Zscaler, Uniper, Amtrak, monday.com, and more.
        Top Industries
        REVIEWERS
        Computer Software Company28%
        Financial Services Firm24%
        Security Firm4%
        Paper And Forest Products4%
        VISITORS READING REVIEWS
        Computer Software Company15%
        Financial Services Firm13%
        Manufacturing Company8%
        Government6%
        REVIEWERS
        Financial Services Firm14%
        Computer Software Company14%
        Educational Organization5%
        Healthcare Company5%
        VISITORS READING REVIEWS
        Educational Organization26%
        Computer Software Company12%
        Financial Services Firm9%
        Government6%
        Company Size
        REVIEWERS
        Small Business28%
        Midsize Enterprise23%
        Large Enterprise49%
        VISITORS READING REVIEWS
        Small Business20%
        Midsize Enterprise14%
        Large Enterprise66%
        REVIEWERS
        Small Business33%
        Midsize Enterprise14%
        Large Enterprise53%
        VISITORS READING REVIEWS
        Small Business18%
        Midsize Enterprise35%
        Large Enterprise47%
        Buyer's Guide
        Azure Key Vault vs. Microsoft Entra ID
        March 2024
        Find out what your peers are saying about Azure Key Vault vs. Microsoft Entra ID and other solutions. Updated: March 2024.
        771,212 professionals have used our research since 2012.

        Azure Key Vault is ranked 11th in Microsoft Security Suite with 46 reviews while Microsoft Entra ID is ranked 4th in Microsoft Security Suite with 190 reviews. Azure Key Vault is rated 8.6, while Microsoft Entra ID is rated 8.6. The top reviewer of Azure Key Vault writes "Allows us to securely store our keys to prevent unauthorized access to unwanted users". On the other hand, the top reviewer of Microsoft Entra ID writes "Saves us time and money and features Conditional Access policies, SSPR, and MFA". Azure Key Vault is most compared with AWS Secrets Manager, HashiCorp Vault, CyberArk Enterprise Password Vault, AWS Certificate Manager and LastPass, whereas Microsoft Entra ID is most compared with Microsoft Intune, Google Cloud Identity, CyberArk Privileged Access Manager, Okta Workforce Identity and Cisco Duo. See our Azure Key Vault vs. Microsoft Entra ID report.

        See our list of best Microsoft Security Suite vendors.

        We monitor all Microsoft Security Suite reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.