Microsoft's identity services huddle under Entra umbrella

Decentralized identity and knowing who needs what


Microsoft has whipped out the rebranding team once more, and chosen the name "Entra" as a catch-all for the company's identity and access capabilities.

Sadly, Entra has nothing to do with the sometimes-missed Encarta, the encyclopaedia launched by Microsoft back in the 1990s and eventually killed off in the first decade of the twenty-first century. It is less about squinting at postage stamp-sized bits of video and more about Azure Active Directory (AAD) and Cloud Infrastructure Entitlement Management (CIEM).

While AAD is a familiar friend (or foe) to administrators responsible for an estate utilizing Microsoft's cloud, CIEM is a recognition that multicloud is a thing and that identity needs to be managed across a variety of infrastructures and services. This chunk of Entra has been dubbed Microsoft Entra Permissions Management and is designed to automate the principle of least privilege and to unify cloud access policies across a user's cloud infrastructure.

Permissions Management sprouted from last year's acquisition of CloudKnox by Microsoft. It covers the likes of AAD, AWS and GCP and, as well as enforcing least privilege, is designed to monitor unused or excessive permissions.

Microsoft boasted of being the first major cloud player to offer such tech, although we'd contend that any admin worth their salt and responsible for multicloud infrastructure likely has one of several third-party tools to hand, such as Horangi or CyberArk's Cloud Entitlements Management.

Also in the Entra family is Microsoft Entra Verified ID, a decentralized identity service that bears more than a passing resemblance to Microsoft's existing public preview of Azure Active Directory Verified Credentials. Of Verified ID, Microsoft says:

"It represents our commitment to an open, trustworthy, interoperable, and standards-based decentralized identity future for individuals and organizations." In terms of standards, the company says it is "actively collaborating with members of the Decentralized Identity Foundation (DIF), the W3C Credentials Community Group, and the wider identity community."

In a world increasingly concerned about sovereignty, Microsoft's Verified ID hands control of identity to the user and, according to Microsoft, "enables organizations to have privacy-protected interactions with users."

"Verified ID uses cryptographic keys that are exchanged during issuance and verification, eliminating the need to establish a one-to-one federation between the verifier and the issuer."

Permissions Management (with integration with Microsoft Defender for Cloud) is due to hit general availability during July 2022. Verified ID will arrive in early August 2022. ®

Biting the hand that feeds IT © 1998–2022