What is Microsoft Entra?

  • Post author:
  • Post category:Main
  • Post last modified:July 3, 2023
  • Reading time:6 mins read

Microsoft Entra is a new product family within Microsoft 365 and Azure, consisting of Azure AD, the new Microsoft Entra Permissions Management solution (CIEM) and Microsoft Entra Verified ID (formerly Azure AD Verifiable credentials). 

Microsoft Entra is designed to help keep your environment secure in an ever-evolving world by allowing you to easily manage your roles and identities with Azure AD, govern and automatically remediate creeping permissions with CIEM and provide decentralized identity control with Verified ID.

Microsoft Entra image

Fundamentally nothing has changed with Microsoft’s Hero security product Azure AD, but lets start with where to find the new products.

How to access the Microsoft Entra Dashboard

To access Microsoft Entra you can go to the following link:

https://entra.microsoft.com/

You will see something like the following: (as of May 2022, the dashboard is currently in preview)

Microsoft Entra Admin Center

From the Microsoft Entra dashboard you will be able to perform almost any task relating to identity management, including (but not limited too):

  • Manage Azure AD users and groups
  • Managed enterprise applications and app registrations
  • Define roles and administrators
  • View licenses and billing
  • Manage Multi-factor authentication and authentication methods
  • Access Secure Score and Identity Protection
  • Manage Access Reviews
  • Manage Entitlement Management
  • Manage external identities and configure external identity management
  • Manage Azure AD Connect
  • View all usage insights, logging and diagnostics 
  • Manage new Verified ID and decentralised identity settings

What is Microsoft Entra Permissions Management?

Microsoft Entra Permissions Management is Microsoft’s own cloud infrastructure Entitlement Management system or ‘CIEM’. It is designed to give complete visibility and control over identity permissions for any resource in Azure, AWS and GCP. As well as providing visibility it is a comprehensive solution that will be able to identify any risk and remediate their risks in the event an action is triggered.

The idea of Microsoft Entra is to help strengthen your Zero Trust security approach by ensuring identities only have the necessary and minimum permission required to perform their job function, this goes for users, services and applications.

To do this it leverages a value it calls the Permission Creep Index. The Permission Creep Index is a single metric between 0 and 100 that calculates the difference between the permissions a user has assigned and the permissions a user is using over a given period. So the higher the gap between permissions granted and permissions used, the higher the index value and the higher the risk. 

This risk value and related information can and will then be used to activate any automatic remediation rules you can put in place. This could include removing any used permissions or triggering a review of permissions for that identity. 

Microsoft Entra

Microsoft Entra Permissions Management was previously names CloudKnox permissions, but now rebranded into the Microsoft Family. You can read more about the new product here.

What is Microsoft Entra Verified ID?

Microsoft Entra Verified ID is a seamless and decentralized identity solution that empowers you to issue and verify workplace credentials and any other unique identity attribute. Formerly named Azure AD Verifiable Credentials, now part of the Microsoft Entra family, those who have used the service before will still be familiar with Microsoft Entra Verified ID.

Microsoft Entra Verified ID

Microsoft Entra Verified ID can be accessed through the new Microsoft Entra Dashboard which I have linked at the beginning of this post. On the left-hand side, you will find the Verified ID tab which is where you should start.

How to setup Microsoft Entra Verified ID?

Setting up the new Verified ID service is as easy as a couple of clicks. 

  1. Open https://entra.microsoft.com/ and click on the Verified ID tab from the left-hand menu.
  2. Select Overview
  3. Enter your organisation’s name and custom domain (be sure to take note of the information you see on the screen regarding the domain). 
  4. Select or create your Azure Key Vault. This will be used to store the keys to sign the credentials.

More

If you are interested in security and are looking to become certified, some of our other recent blogs may be perfect for you!

Be sure to leave any comments below and I will respond asap!

Daniel Bradley

My name is Daniel Bradley and I work with Microsoft 365 and Azure as an Engineer and Consultant. I enjoy writing technical content for you and engaging with the community. All opinions are my own.

Leave a Reply