It underpins our application authentication and security requirements for internal users.
Enterprise Solution Architect - Security at an insurance company with 10,001+ employees
Our ability to control access to resources has vastly improved
Pros and Cons
- "Azure Active Directory features have helped improve our security posture. The remote working has been a massive help during the pandemic."
- "On-premise capabilities for information and identity management need improvement."
What is our primary use case?
How has it helped my organization?
During the pandemic, it helped us carry on working securely as a business.
Azure Active Directory hugely improved our organization’s security posture. The ability to control access to resources has vastly improved.
What is most valuable?
We very much like Conditional Access. We also like the risky sign-ins and Identity Protection. These features provide us the security that lets us fulfill our security requirements as a company.
Azure Active Directory features have helped improve our security posture. The remote working has been a massive help during the pandemic.
The solution has made our end user experience a lot easier and smoother.
What needs improvement?
On-premise capabilities for information and identity management need improvement, but I know these are in the pipeline.
Buyer's Guide
Microsoft Entra ID
April 2025

Learn what your peers think about Microsoft Entra ID. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
849,963 professionals have used our research since 2012.
For how long have I used the solution?
I have been using it for five or six years.
What do I think about the stability of the solution?
The stability has improved over the last two to three years.
What do I think about the scalability of the solution?
It has fantastic scalability. Globally, we have about 80,000 users.
In each territory there are on average around 40 people managing the solution on the admin side. We also have SMEs for the harder tasks. Then you have people, like me, who are architects and determine approach and create designs.
How are customer service and support?
Microsoft Premier Support is very good. We make good use of it.
The free support is okay.
Which solution did I use previously and why did I switch?
For mobile device management we used to have MobileIron and Blackberry. Those products have been removed in favour of Intune and Azure AD features. Other legacy security services will be removed in preference for the Azure equivalents. Strategically, Azure AD makes more sense for us. Cloud first is the strategic direction within my company.
How was the initial setup?
It is a predeployed solution; creating the links between the on-premise system and SaaS system is moderately easy.
Our deployment took a month.
For a non-complex organization, the deployment process would be a lot easier than it is for a complex organization. There are a lot of business processes that need to be determined as well as a lot of conversations. The technology side of things is the easy bit. It is the design that takes a while.
What about the implementation team?
It was all done internally and using Microsoft Partners.
What was our ROI?
We have only really bought into the solution over the last 12 months or so. We expect to see cost returns in the next 12 months.
What's my experience with pricing, setup cost, and licensing?
If you get rid of all the products providing features that the Azure suite can provide, then it makes sense cost-wise.
Microsoft Premier Support is an additional cost to the standard licensing fees.
Which other solutions did I evaluate?
Azure Active Directory and its feature set under a single vendor are unique in our market.
What other advice do I have?
Compared to how it was five years ago, the solution has really matured.
Make sure that business requirements are understood upfront and a design is in place before any services are deployed. Ensure the people deploying it understand the capabilities and implications of choices.
I would rate this solution as a nine out of 10.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.

Lead Architect, Chief Technology Officer Office at a tech services company with 51-200 employees
It offers an easy way to add multi-factor authentication to nearly any application and system
Pros and Cons
- "We like the ease of app registrations and single sign-on with Entra ID. It offers an easy way to add multi-factor authentication to nearly any application and system."
- "Microsoft customer service is the best in the industry."
- "The automation aspects of Entra ID could be improved, particularly when automating through different providers and SDKs. It's somewhat clunky to automate ID management, but it's great once it's set up. I would also like to see better Terraform support."
What is our primary use case?
We use Entra ID for single sign-on to all of our internal IT systems and public SaaS offerings within the company.
How has it helped my organization?
Entra ID streamlines permission management and authentication for most systems. It also unifies IDs, simplifies IT operations internally, and enhances security by enforcing a better security posture across the organization.
What is most valuable?
We like the ease of app registrations and single sign-on with Entra ID. It offers an easy way to add multi-factor authentication to nearly any application and system.
We've used it within AKS clusters to do pod identities. That has greatly reduced the number of static credentials we have running around and drastically improved our security. Combining Entra ID with the amazing work of our AKS team has enabled us to shrink the blast radius of credentials given to applications instead of only at the node level. This has allowed us to scope down permissions to an application level instead of the Kubernetes cluster, making it more secure and much closer to a full zero-trust solution.
Entra has helped us fight token theft. We almost always use short-lived tokens, which help us address many of these challenges. They still exist for certain use cases, but they've been drastically reduced due to our ability to use short-lived tokens.
We have never had an identity-related attack because we're lucky. However, that's just a matter of time until we do in this industry. Not having them before does not mean that we're not better protected now.
What needs improvement?
The automation aspects of Entra ID could be improved, particularly when automating through different providers and SDKs. It's somewhat clunky to automate ID management, but it's great once it's set up. I would also like to see better Terraform support.
For how long have I used the solution?
I have used Entra ID for the last three years.
What do I think about the stability of the solution?
The stability has been great. I haven't had any issues.
What do I think about the scalability of the solution?
The scalability is great. I've hit no issues in terms of scalability.
How are customer service and support?
I rate Microsoft support 10 out of 10. Microsoft customer service is the best in the industry. There are immediate answers to any issues that arise with great knowledge and a deep understanding of the product and business needs.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I've used multiple solutions in the past, including Google authentication and Okta. I switched mostly to consolidate and for a better feature set that integrated better with the rest of our Microsoft products.
How was the initial setup?
The setup is one of the easiest I've seen in the industry. It's very easy to onboard.
What about the implementation team?
We used ourselves since we're an integration company.
What was our ROI?
We have seen a return on investment. We already have Entra ID, and like many customers, we haven't used it to its fullest potential. We get a return from not needing to pay other vendors to do what we already had from Microsoft, which was better than the competition.
Which other solutions did I evaluate?
We evaluated Workspace ONE, Google, and Okta before switching.
What other advice do I have?
I rate Microsoft Entra ID nine out of 10. Without good Terraform support, it will stay below a 10, but everything else is so great.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Last updated: Dec 18, 2024
Syncs with our on-prem AD, gives security insights, and saves time
Pros and Cons
- "Syncing with our on-prem Active Directory is valuable because we do not have to keep multiple identities for each of our staff members. We can easily evaluate login risks and provide access for SSO via 365 into applications, such as Salesforce, and other things that we run our business on."
- "Certain aspects of the user interface can be rather clunky and slow. It can sometimes be circular in terms of clicking a link for a risky user sign-in and seeing what the risky login attempts were. It takes you in a circle back to where you started, so drilling down into details, especially if you are not in it every day and it is one of many tools that you use, can be difficult. It can be difficult to track down the source of an issue."
What is our primary use case?
We have it synced to our on-premises Active Directory environment where we have some Active Directory servers. We use it for authentication into our cloud apps. We use it for SSO. Because it is connected to our Office 365 tenant, we use it for single sign-on for applications that support it.
We also use it to evaluate risky sign-ins or risky activity for users. If there are user sign-ins from a geographic location that they would not normally sign in from, we get a notification for it, and we can investigate what is going on with a user's ID, if the person is actually there or not, and if we need to take any action on it.
How has it helped my organization?
Entra ID has primarily helped with security and some level of organization of our user environment and application access for staff.
Entra provides a single pane of glass for managing user access to some degree. We still have to use local Active Directory management for certain items or troubleshooting. It does not seem to extend management and troubleshooting down to the endpoint level or have the same sort of granularity as managing Active Directory directly from an Active Directory server.
Entra ID has helped to save time. It has saved four to eight hours of staff members' time per week.
In some ways, Entra ID has saved us money because using it for single sign-on for third-party applications means that we do not have to use a third-party solution such as Okta or OneLogin. It is a default solution. It comes out of the box, and it works with multiple applications, which means that we do not have to go the route of having a third party to have that same type of solution for us. In that sense, it does save us money, but I do not know how much it has saved because I have not priced out Okta or any of the other solutions. I imagine it is a fairly substantial amount that they would charge per user per month times the number of our users.
What is most valuable?
Syncing with our on-prem Active Directory is valuable because we do not have to keep multiple identities for each of our staff members. We can easily evaluate login risks and provide access for SSO via 365 into applications, such as Salesforce, and other things that we run our business on.
What needs improvement?
Certain aspects of the user interface can be rather clunky and slow. It can sometimes be circular in terms of clicking a link for a risky user sign-in and seeing what the risky login attempts were. It takes you in a circle back to where you started, so drilling down into details, especially if you are not in it every day and it is one of many tools that you use, can be difficult. It can be difficult to track down the source of an issue.
There should be better integration or support for FSMO roles and cross-tenant force management. If you want to enable it, it is tricky when you add Entra ID into the mix for domain sync or directory sync.
For how long have I used the solution?
I have been using this solution for five years.
How are customer service and support?
The Entra ID and Azure Active Directory support is quite good. Sometimes, it may take a little bit of time to get past tier one basic questions and basic pointing to support articles and talk to somebody who looks at your configuration and starts to understand what your specific challenges are, but once you get to that next tier of support, it seems like you are able to get answers very quickly.
I would rate their support an eight out of ten. A ten out of ten would be where you make one phone call and all solutions are given.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We did not have single sign-on capabilities for our SaaS apps. Prior to implementing our Azure environment, we did not have a cloud identity provider. It was all on-premises.
How was the initial setup?
I was involved in the deployment and initial setup of Entra ID. It was not that difficult. It had medium difficulty. There is a Microsoft way of doing things. Microsoft certainly seems to have made things easier since then. Whenever I go back into the system, it looks like some of the usability improvements are there.
I believe that we also contacted Azure support a number of times during our deployment, and they were quite helpful. They were helpful up to the point where I got contacted by a product manager for Azure Active Directory at the time, and they were able to walk us through some of the implementation challenges we had, so Microsoft, at least for us as we were adopting Azure and Azure Active Directory, had a lot of hands-on help with getting set up. They are open to feedback as well. The implementation was about as difficult as I expected an implementation to be. It was certainly not a turnkey where it just works right out of the box, but I have had more difficulty implementing other Microsoft solutions.
What's my experience with pricing, setup cost, and licensing?
It is good. We have Office 365 E3, and then that is tied in with Azure Active Directory. I believe that we only have to pay for our technician-level access or IT department access for Azure Active Directory Premium, which I am sure they call Entra Premium P2 licensing, so it is not a very large cost. We just adopted that, and that gives us a lot of insights into user security that we would not otherwise have.
Which other solutions did I evaluate?
We looked at Okta. We looked at Cisco Duo. We looked at OneLogin. I believe that there was some cost that we would have to bear if we had adopted them. Okta looked like a very good solution, but Azure AD came integrated out of the box with our Azure environment and our 365 environment, so we decided to move forward with it instead.
What other advice do I have?
We have started using Permission Management. We have not fully rolled it out yet. We have also not used Verified ID. It is something that is a little tough to implement because the documentation is not necessarily there yet. We have just started touching the surface of it.
I would rate Entra ID an eight out of ten. It is a good product. It works out well for an organization of our size. We are fairly small, and we have limited IT resources. We are able to use Entra ID for permissions management and access management. I am trying to learn more about secure access and secure edge type of solutions that Entra has. At this Microsoft event, the demos in Demo Theater 3 have been overflowing and overcrowded to some crazy degrees, so there is definitely demand for it. Microsoft can put these demos in a larger room because there is a lot of demand for it.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cybersecurity Engineer at a manufacturing company with 501-1,000 employees
Enhance security with granular identity controls and conditional access policies
Pros and Cons
- "The best feature of Microsoft Entra ID is that it provides more granular control over user identities."
- "In terms of improvement, we face issues with latency and responsiveness. Changes take some time to reflect across all users, sometimes up to twenty-four hours, which can be challenging when we need to implement drastic changes."
What is our primary use case?
We are using Microsoft Entra ID for multiple purposes, such as managing all authentications and changing passwords online. Previously, we relied on an on-premise network, which required us to be on-site to change passwords. With Microsoft Entra ID, we can synchronize it from anywhere on the network. We have an Azure AD Premium license and utilize features like conditional access policies to control identities. We use it primarily for managing identities inside the organization.
What is most valuable?
The best feature of Microsoft Entra ID is that it provides more granular control over user identities. The conditional access policy feature is particularly valuable, and it's something we use frequently. Microsoft Entra ID helps us manage identities according to security standards, and it allows us to implement least privilege access effectively. The logging and monitoring capabilities give us insights into activities, offering a single pane of visibility to detect anomalies, ensuring enhanced security.
What needs improvement?
In terms of improvement, we face issues with latency and responsiveness. Changes take some time to reflect across all users, sometimes up to twenty-four hours, which can be challenging when we need to implement drastic changes. Additionally, Microsoft's documentation can be insufficient. Some technical configuration details are missing, requiring us to consult external sources like forums or communities. They need to improve their documentation to ensure all necessary technical information is covered.
For how long have I used the solution?
We have been using Microsoft Entra ID for six to seven years. Before that, we had an on-premises Active Directory environment, and then we transitioned to a hybrid setup with Azure connect. This has been our setup for around six to seven years.
What do I think about the stability of the solution?
Microsoft Entra ID is stable. It functions as it is designed, but improvements regarding the responsiveness of the solution are needed. Sometimes, rolling back changes takes longer than expected, affecting our operations.
What do I think about the scalability of the solution?
Microsoft Entra ID is scalable. It integrates well with third-party tools.
How are customer service and support?
I have experienced mixed results with technical support. Sometimes the support is excellent and technical issues are resolved quickly. However, there are times when complex tickets are assigned to non-technical personnel, which prolongs resolution times. After a delay, we might find out that an issue is out of scope for a particular agent, causing further delays.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
We previously used on-premises Active Directory and switched to Microsoft Entra ID to reduce infrastructure. We have a hybrid environment now but maintain some local infrastructure for testing purposes.
How was the initial setup?
The initial setup of Microsoft Entra ID is not straightforward; it sits between easy and tough. Implementing features requires vigilance and certainty before making changes due to its complexity. Microsoft's documentation misses some technical details, creating a need to refer to external resources for certain configurations.
What about the implementation team?
Our deployment was done in-house. We did not use an integrator, reseller, or managed service provider.
What was our ROI?
Microsoft Entra ID provides visibility for security, such as tracking identity movements. By not relying on an on-premises solution, our infrastructure management is simplified, which aids in disaster recovery planning. We also integrate security features like risky users policies that enhance our security architecture. This contributes to a good ROI.
What other advice do I have?
I rate Microsoft Entra ID at eight to 8.5 out of 10 overall. The solution is mature, with a big community and a strong reputation in the market. It's recommended due to its features and community support, though implementation challenges and documentation issues require attention. Community support and Microsoft's reputation are valuable, but the latency and documentation need improvement.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Apr 18, 2025
Senior Security Engineer at a financial services firm with 501-1,000 employees
Enables us to implement security easily and effectively
Pros and Cons
- "Conditional access and Privileged Identity Management (PIM) are the most valuable features from a security perspective."
- "Entra ID enables us to implement security easily and effectively."
- "Rule management and permissions need improvements. I have had discussions with product managers about these challenges and sent emails regarding them. Additionally, improvements are needed in the Identity Governance and Administration (IGA) side of things."
What is our primary use case?
Entra ID serves as our primary identity security tool.
How has it helped my organization?
Entra ID enables us to implement security easily and effectively. It has built-in integration with all the Microsoft tools, like SharePoint, Outlook, Teams, etc., the conditional access we discussed earlier. It's our primary identity security tool. We can't live without Entra ID.
Using Entra ID has improved our security. Our security score is close to 80 percent, which is a critical metric because that includes everything under the hood. We have continuously improved in the last two or three years. We have implemented many improvements since the pandemic, so the number of incidents has decreased a bit, and automation has been throttled up.
What is most valuable?
Conditional access and Privileged Identity Management (PIM) are the most valuable features from a security perspective.
What needs improvement?
Rule management and permissions need improvements. I have had discussions with product managers about these challenges and sent emails regarding them. Additionally, improvements are needed in the Identity Governance and Administration (IGA) side of things.
For how long have I used the solution?
I have been working with Entra ID for around six years.
What do I think about the stability of the solution?
I rate Entra ID 10 out of 10 for stability. I have not encountered any issues.
What do I think about the scalability of the solution?
I rate Entra ID's scalability 10 out of 10. It's great.
How are customer service and support?
Customer service has been very good. I have raised sophisticated queries and received responses within a day.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have never used a different solution and have always worked with Entra ID.
How was the initial setup?
What about the implementation team?
I have not personally deployed Microsoft Entra ID. However, I have integrated the solution, and we have worked with integrators to set it up.
What was our ROI?
The biggest return on investment is the seamless integration with all Microsoft apps and services. If you choose something new and integrate it, it can take a lot of time.
What other advice do I have?
I rate Entra ID eight out of 10.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Nov 27, 2024
IT Engineer at United Nations
Easily create numerous groups and add multiple users to those specific groups using a single dashboard
Pros and Cons
- "We have the ability to define the email user in the designated field."
- "The support is a bit slow."
What is our primary use case?
I am the Microsoft solution architect for our organization and we are in the process of testing Microsoft Entra ID.
Microsoft Entra ID will serve as the identity provider for all services, including on-premises and other sources. For instance, it can be utilized to authenticate our in-house phone application, replacing the need for local Active Directory authentication. With Microsoft Entra ID, the local Active Directory becomes unnecessary for authentication purposes. As an illustration, even in services like Gmail, authentication through Microsoft Entra ID is possible. This presents an excellent option that is also user-friendly.
Moreover, the system is uncomplicated, featuring a lightweight and non-hierarchical schema. In contrast to the conventional Active Directory with its organizational and sub-organizational structure, Microsoft Entra ID adopts a flat directory model, streamlining operations without hierarchies. While this approach offers advantages, it also comes with its drawbacks, such as its reliance on the cloud platform.
How has it helped my organization?
Microsoft Entra ID provides a unified interface where we can manage all of our entities. It utilizes a flat directory structure, allowing us to assign user access and group them using tags. For instance, when we create a user for the sales team, we simply apply a tag such as "sales," automatically adding that specific user to the sales group. This eliminates the need for the manual creation of containers and the manual grouping of users within a specific container. Everything is achieved through tagging, streamlining the process, and is facilitated by the singular interface offered by Microsoft Entra ID.
We can easily apply security policies through a unified interface. Everything in Microsoft Azure can be utilized for server storage. Although it's within a single interface, there are options for differentiation. For instance, by clicking on the Microsoft Entra ID, we can access a distinct interface. Here, we have the ability to create, apply, and manage policies for various aspects, all from this specific interface.
The admin center helps us identify where there are issues and easily take action.
In Microsoft Azure, there is a tool called Intune, which serves as a device management tool. In the past, we encountered issues while managing all end devices through SCCM. This involved a constraint where any updates or policies could only be pushed if the device was connected to the office network. Essentially, users needed to physically connect their devices to the office network to receive updates or policy changes. However, with the introduction of Intune, a Microsoft Azure product, we transitioned all our devices to this platform. This allows us to create and directly push policies without the necessity of the device being on the corporate network. Users can now receive security updates, as well as different antivirus updates, even while working from home. This streamlined approach greatly simplifies endpoint maintenance, which also extends to mobile devices.
We do not utilize the Microsoft Entra ID conditional access feature for endpoint devices. Instead, we apply conditional access to specific groups. For instance, we have a team that requires access for a defined period. Additionally, certain types of vendors need access ranging from, for instance, two days to a few hours. In such cases, we employ the conditional access feature to grant the necessary access. We have employed this approach, and it has proven to be highly advantageous.
While we don't typically utilize the conditional access feature in combination with Microsoft Endpoint Manager from the user's standpoint, there are certain groups for which we do implement conditional access. For instance, within multiple teams, not all members are granted identical access. Various team levels enjoy distinct levels of access. It is in such scenarios that we employ the conditional access feature.
We have an access group where we define the access that each team will receive. Additionally, we have the Tier One, Tier Two, and Tier Three support teams, for which we have defined privileges based on their respective roles and responsibilities.
Microsoft Entra ID assists in saving several hours for our IT administrators and HR departments daily. This is particularly due to its unified interface. For instance, when we need to review certain logs, we can grant access to the HR team. They can easily retrieve logs detailing specific employee activities. This includes information such as individual browser usage duration and system activation records. These types of logs encompass the range of data generated on a daily basis from this platform.
Microsoft Entra ID has undoubtedly assisted in saving money for our organization. This is because we are not only utilizing the solution itself, but we can also incorporate our application server along with products such as software and solutions, including emails. Microsoft Entra ID is included as part of the package fee, which unequivocally contributes to cost and time savings. This is primarily due to the elimination of the necessity for an additional identity provider, as it is already encompassed within the package.
Our employees' user experience has improved with Microsoft Entra ID compared to the local Active Directory, which was occasionally slow, depending on the availability of our log-on server at the time. If it was unavailable, logging in was significantly slower, and we could get logged out. This is no longer the case, and now we can easily log in.
What is most valuable?
The group assessment policy stands out as the most valuable feature. It allows us to create numerous groups and add multiple users to those specific groups. Managing these groups can become quite complex within the standard Active Directory procedures. For instance, when it comes to tasks like adding or removing users, especially if a user is checked out, it can be unclear whether someone needs to manually remove them from the Active Directory.
However, there exists an option that streamlines this process. This option automatically sends a notification to the user. We have the ability to define the email user in the designated field. Subsequently, the system will prompt us to confirm if continued access to this specific group is required for a few users. If this is a routine request, the system will retain the user in the group, ensuring their ongoing access. This particular feature proves to be incredibly useful in managing these scenarios.
What needs improvement?
The group policy structure options continue to change, and the naming conventions remain confusing when we access the cloud.
The support is a bit slow. This is particularly challenging for the service engineers. For instance, opening a ticket takes a considerable amount of time to pinpoint the underlying issue. While high-severity tickets are resolved quickly, there are instances of lower-severity issues that still impact a specific group of users. Addressing these problems is taking longer than usual.
I would like to have the option if needed to use the hierarchy when setting up groups.
For how long have I used the solution?
I have been using Microsoft Entra ID for three years.
What do I think about the stability of the solution?
Microsoft has really good SLAs and I cannot remember the last time they went down. I would rate the stability of Microsoft Entra ID nine out of ten.
What do I think about the scalability of the solution?
Scalability is quite simple, and the primary advantage of the cloud solution is its scalability; there isn't much to manage in this regard. Our growth remains unhindered because we don't have to impose limitations on ourselves when embarking on new projects or endeavors. Scalability is inherent, requiring only payment for additional resources if necessary. As there's no hardware involved, both scaling up and scaling down are easily achievable.
How are customer service and support?
The support is slow to respond to and resolve minor issues.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
We are still using our standard Active Directory locally in our on-premises data center.
How was the initial setup?
The complexity of the initial setup depends on the technique used. While it may seem a bit complicated, with the proper design, it becomes a non-issue. Each module has different procedures. For instance, the Defender module, which is a Microsoft service, serves as a part of the Entra ID, allowing us to block and control websites and provide security antivirus solutions. We have onboarded all our devices to Defender. Thus, the machine doesn't need to be part of Microsoft Entra ID, but migration is still possible.
Currently, we are in the midst of a project to onboard the devices to Microsoft Intune. We are transferring the devices from the local Active Directory, and this process is ongoing. For each device, specific scripts need to be executed, which can be a bit complex. The complexity often arises due to existing policies and applications. When everything is well-prepared, the onboarding process is smooth. This might be an easy task for a new organization, but for those already using a different solution, the migration process becomes a bit complex. Thorough testing is necessary, especially considering that policies tend to change over time.
This project has been running for more than two years and is still ongoing. The pilot phase alone is estimated to take about one and a half years due to various commitments. Unlike a company like Google, my organization operates differently; it encompasses multiple entities like the United Nations across various locations. Since the user count exceeds five thousand, we're being cautious and gradual in our migration. At present, we have migrated only around a hundred users for testing purposes. The migration of the remaining users is scheduled to occur soon.
What's my experience with pricing, setup cost, and licensing?
The price is good, and we have no complaints.
What other advice do I have?
I would rate Microsoft Entra ID nine out of ten.
Microsoft Entra ID is utilized throughout our entire environment. It serves as a singular identity provider for all aspects of our operations, including servers, applications, endpoints, and even external applications. For instance, we can authenticate third-party applications using Microsoft Entra ID.
The required number of personnel for maintenance depends on the size of the organization and the quantity of Microsoft products in simultaneous use. For instance, if we have Microsoft Entra ID solely for email and SharePoint online teams, and there are around five thousand users, I believe that dedicating approximately three to four individuals to Microsoft maintenance would be reasonable.
I recommend Microsoft Entra ID. Microsoft Entra ID can be utilized for third-party applications like AWS and Google as well. It's user-friendly, allowing us to authenticate the products or applications of our interest, even if they are not located in the same place as our origin; nonetheless, they will function seamlessly.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Change and Communications Manager at a retailer with 10,001+ employees
Provides easy authentication and high security and works absolutely fine even when you switch organizations
Pros and Cons
- "Being able to easily authenticate yourself on the MSA app is valuable. It is easy to use. Rather than receiving a code in an SMS, you can just verify that it is you. You don't have to punch in any password or any six-digit code. That's the feature that I like the most."
- "They can improve how people manage their accounts. They can simplify and provide more information about adding or updating a phone number or email id in the MSA account. A lot of the time, users do get confused about where to go. For example, if I've changed my mobile number, where do I go and change my mobile number in the MSA account? A lot of the time, employees think if they change the phone number in the HR database, it'll automatically get changed on the MSA account, which is not the case. Microsoft can simplify that and add these questions in the FAQ documents as well."
What is our primary use case?
I use it to access my work applications. When I install Microsoft Teams or Outlook, or I want to access my work applications, I authenticate myself using Microsoft Authenticator.
How has it helped my organization?
During the pandemic, one of the challenges for organizations was how to secure their IT networks. People were working remotely, and some of them were working from the remotest locations. It gave confidence to the organization that only the right person was getting access to work applications.
It also improves your customer experience or employee experience. You don't have to rely much on servers.
What is most valuable?
Being able to easily authenticate yourself on the MSA app is valuable. It is easy to use. Rather than receiving a code in an SMS, you can just verify that it is you. You don't have to punch in any password or any six-digit code. That's the feature that I like the most.
It does give you the confidence that no one else can access your details or can have access to your account because it does add a second layer of security. Even if someone hacks the server where my details are stored, unless and until I authenticate myself on MSA, even hackers won't be able to get into my account.
It works absolutely fine from the login perspective. You can also configure it on third-party devices, and it works pretty well. I haven't faced any issues from the login point of view.
What needs improvement?
They can improve how people manage their accounts. They can simplify and provide more information about adding or updating a phone number or email id in the MSA account. A lot of the time, users do get confused about where to go. For example, if I've changed my mobile number, where do I go and change my mobile number in the MSA account? A lot of the time, employees think if they change the phone number in the HR database, it'll automatically get changed on the MSA account, which is not the case. Microsoft can simplify that and add these questions in the FAQ documents as well. They can provide more clarity about how it is different from your organization's database.
Voice recognition could be added going forward. With a smartphone, such as iPhone, as well as with Windows Hello for business, you already have facial recognition. Voice recognition is something that could be added going forward, especially for people with special needs.
For how long have I used the solution?
I have been using it for a year.
What do I think about the stability of the solution?
It is quite stable. Coming from Microsoft, you don't question the stability factor at all. I have Microsoft Authenticator installed on my phone, and even when I switched organizations, I could simply add my new workplace email id, and it worked absolutely fine. It is quite stable, and it gives you a good user experience.
What do I think about the scalability of the solution?
Scalability-wise, it is quite good. We were rolling it out to 150,000 people across the globe and different geographies. One of the good things is that Microsoft doesn't need any introduction anywhere. In terms of user experience, it is right up there. It is also right up there in terms of how different work applications align with it. I would rate it quite high.
How are customer service and support?
Technical support was good. We didn't have to rely on Microsoft's technical support big time because the solution worked very well overall. We had our third-party technical support team involved as well.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Before Microsoft Authenticator, we used Okta Multi-Factor, and prior to Okta, we were totally relying on passwords, which was obviously very risky.
We switched to Microsoft Authenticator because when you implement the whole Microsoft 365 suite, especially in a large organization, all the work applications sync pretty well with Microsoft, and you already have a good relationship with the vendor.
How was the initial setup?
It was initially on-prem, but later on, we shifted it to the cloud. When I joined the organization, it was already on-prem, and I helped to shift all the data from on-prem to Azure cloud. The process was a little complex. We had a few on-prem issues, and we had to redo the capability testing to check if those issues will arise on the Azure Cloud as well. It was complex because we were again asking some of the users who had changed their phone numbers to go and re-add their phone numbers. If they had the same phone number, it would have worked fine, but if they had changed the phone number, once it is shifted from on-prem to Azure Cloud, it wouldn’t have worked anymore. So, they had to re-add their phone number. The challenge was to identify those users and convince them to redo the activity. This switchover took about two quarters or six months.
What about the implementation team?
We had a team of about 7 to 10 people from project management, change management, IT, and global IT teams. We are a massive organization. It was being rolled out to 150,000 people across the globe.
We did pilot testing across different functions and across different geographies. That's the standard practice that we follow in our organization.
What was our ROI?
We have seen an ROI. We were able to secure our IT networks by more than 80%. More than 80% of the audience did subscribe to MSA and used it for logging into their work accounts.
It took us two to three months to realize its benefits from the time of deployment. We did run a pilot batch. We were trying to customize the solution according to our network. Within a quarter, we were able to identify its benefits.
What's my experience with pricing, setup cost, and licensing?
I'm not totally aware of the pricing and licensing, but I do know that the pricing and licensing must be quite balanced. We are a pretty old client of Microsoft, and MSA is just one of the services we use from Microsoft. There's a whole Microsoft 365 suite that's implemented as well. I'm sure it is something that is acceptable to both parties.
Which other solutions did I evaluate?
We were totally relying on Microsoft. We didn't evaluate any other vendor.
What other advice do I have?
To those looking to evaluate this solution, I would advise doing proper pilot testing to iron out any hurdles later on. It is important to take a call on whether you want to adopt the on-prem model or the cloud model. Obviously, the on-prem model is not sustainable if you're trying to secure your IT networks. The cloud model is more sustainable in that sense. I would advise taking that call right in the beginning.
I would also advise considering how to secure third-party devices. There might be third-party contractors who don't have the company laptops, but they do have company email ids to log into the company accounts from their own devices. You should work out how you are going to add those devices to the secure cloud.
I would rate it a nine out of ten. In the next version, if they can come up with voice recognition, especially for people with special needs, it will be helpful.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cloud Solution architect at a tech services company with 51-200 employees
Integrated multiple enterprise-level apps with single sign-on and reduced operational costs using cloud transition
Pros and Cons
- "I would rate the solution as 9. It is a very good solution for unified management."
- "Sometimes, level-one support lacks the immediate information needed, causing delays in receiving appropriate support."
What is our primary use case?
We have a hybrid environment where we sync our users from on-premises to Microsoft Entra ID. The main purpose is to utilize Microsoft applications and services, like Microsoft 365 applications. We also use different integrations with Microsoft Entra ID for other cloud-based apps like Salesforce, enabling Single Sign-On integration.
What is most valuable?
One of the best features is that if users are synced with Microsoft Entra ID, you can integrate different enterprise-level apps like Salesforce, Oracle, and CyberArk. There are hundreds of apps you can integrate. Enabling Single Sign-On using Microsoft Entra users with these other cloud apps is a significant advantage. Single Sign-On is highly valuable.
What needs improvement?
Microsoft could enhance features regarding user retention for inactive accounts on Microsoft Entra ID. Another improvement needed is in the report customization for enterprise application configurations, making them more graphical and suitable for management presentation. Additionally, the freedom for Group Policies needs enhancement in Microsoft services like Intune.
For how long have I used the solution?
I have been using Microsoft Entra ID for 6 years, and it is now going to be 7 years.
What do I think about the stability of the solution?
Microsoft Entra ID is a stable solution. We have been using it for the last 7 years, and it continues to improve with feedback from customers. It is a very stable solution.
What do I think about the scalability of the solution?
It is a scalable solution. We previously had 300 users and now have 1,000 users. The number of licenses has increased, and Microsoft Entra ID has helped manage various Microsoft services under one platform.
How are customer service and support?
Microsoft's technical support can be rated as 7 for front-end support and 8 for tier-two or advanced level support. Sometimes, level-one support lacks the immediate information needed, causing delays in receiving appropriate support.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
We were using Microsoft's on-premises Active Directory and a different Endpoint Protection. Now, we use Microsoft's Endpoint Protection due to licensing benefits. We also switched from another system to Microsoft Dynamics. These changes have helped reduce both capitalized and operational costs.
How was the initial setup?
The setup process was relatively straightforward due to Entra Connect, which syncs on-prem users to Microsoft Entra. However, managing Group Policies in Microsoft services is still somewhat complex.
What about the implementation team?
We engaged integrators, resellers, and Managed Service Providers for various projects. These service providers supported our deployment.
What was our ROI?
I cannot provide a specific figure, but moving our CRM and ERP to the cloud has reduced the need for on-premises management, saving on both capitalized and operational costs. This transition has allowed us to reallocate budget to more productive activities.
What's my experience with pricing, setup cost, and licensing?
Licensing with Microsoft 365 often comes bundled, which simplifies license management. This unification reduces the need for separate licenses for Office applications like Word, Excel, and PowerPoint.
Which other solutions did I evaluate?
Before choosing Microsoft Entra ID, we evaluated other security and identity solutions, including Microsoft's on-premises Active Directory and different Endpoint Protection systems.
What other advice do I have?
I would rate the solution as 9. It is a very good solution for unified management. I rate the overall solution a 9 out of 10.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Apr 20, 2025