Microsoft announces new ‘family’ of identity and access management tools

Today, Microsoft announced the launch of Entra, a new product family of identity and access management solutions. The family includes existing tools like Azure AD alongside two new product categories: Cloud Infrastructure Entitlement Management (CIEM) and Decentralized Identity.

For users, Entra product family is designed to protect access to any app or resource by enabling security teams to discover and manage permissions in multicloud environments so they can secure digital identities from end-to-end.

A look at the Microsoft Entra’s product family 

Microsoft’s new CIEM solution, Entra Permissions Management, is a permissions’ management solution that’s designed to provide visibility into permissions for user and workload identities that goes live in July.

Entra Permissions Management provides security teams with a solution to detect unused and excessive permissions, so they can more effectively enforce the principle of least privilege and maintain a top-down view of identities across all cloud services including Microsoft Azure, Amazon Web Services and Google Cloud platform.

The organization’s new decentralized identity offering, Verified ID, is available in early August and will enable users to decide what information they share, when, who they share it with and provide them with the ability to revoke access when necessary.

Verified ID also provides teams with a method to verify the credentials of users and organizations. For instance, users can store their education and certification credentials and share them with other users on request to verify their identity.

Protecting digital identities as part of the attack surface 

The launch of these new solutions comes as digital identities have become a critical part of most organization’s attack surfaces, with cyber criminals using identity-based attacks, such as credential theft and social engineering to gain access to enterprise environments and steal sensitive information.

In fact, research shows that identity-driven techniques accounted for three out of the five top attacks targeting organizations in 2021.

As Vasu Jakkal, CVP Microsoft, Security, Compliance, Identity and Privacy explains, while the digital universe starts with your digital identity, it’s an “attack vector that is getting easily exploited.”

Identity “is the battle of security attacks right now and there are 921 attacks per second,”

 This has almost doubled. There were 579 attacks per second just a few months back, so the escalation of attacks continues to increase and that puts people at extreme risk when it comes to their own personal security.” 

that this challenge is augmented due to a “dangerous mismatch” between what defenders can protect with existing solutions and the volume of these attacks.

Emerging identity and access management solutions 

Entra’s launch announcement comes as the global identity and access management market is in a state of growth, with researchers estimating the market at $12.26 billion in 2020 and anticipating it will reach a value of $34.52 billion in 2028 as more organizations attempt to grapple with identity-based attacks and compliance concerns.

As the market grows, Microsoft isn’t the only big tech vendor looking to redefine identity management to better protect digital identities. Just recently, Google announced the launch of password less authentication options for users on Chrome and Android to better defend against credential-based attacks.

Likewise, last year, Apple announced the launch of passkeys that are stored in the iCloud Keychain, that enable users to sign into websites and applications without using passwords.

With more providers maturing their approach to identity management and security, Microsoft is aiming to differentiate itself from other vendors by building an end-to-end solution to identity protection across employees, partners, and customers.