In this world of mobility where you expect access to your data everywhere and anywhere, it is important to remember that where ever you need access, your security needs to follow. Most importantly is the ability to verify your identity no matter where you are. Whether you are at your desk or on the road, you need to be able to authenticate seamlessly. Although this does happen relatively seamlessly for users, there is a lot happening behind the scenes that you may not appreciate.
The first thing to consider is that when it comes to verifying your identity, it will be a system that is globally available from the Internet. The Microsoft solution for globally available identity is Azure Active Directory (AD), which is an identity and security service managed and maintained by Microsoft from their data centres around the world. If you have Office 365 you already have Azure AD and when you login to your tenant you are doing so thanks to Azure AD, which verifies who you are and then gives you access to the right services.
Because identity is so crucial in today’s connected world, more and more business services are being connected to Azure AD. You can in fact configure Azure AD to also authenticate you to non Microsoft cloud services, which means they immediately get the benefits of a centralised identity. It also provides all the benefits that come with Azure AD as well as the convenience of a single sign on.
One such benefit Azure AD provides is multi factor authentication (MFA). When enabled, users who login to Azure AD will be prompted for at least a second form of authentication. This could be something like a SMS confirmation code or a unique random number generated from an app on a phone. Access to the systems protected by Azure AD are only granted when the password and this second factor are correct. This means that if the password to Azure AD is ever compromised, then a correct second factor is still required. This makes it much harder for someone to gain unauthorised access. As such, MFA is something you should have enabled on all privileged and administrator accounts.
The great thing about Azure AD is that although you get a version when you sign up for Office 365, you can upgrade this to Azure AD Premium which provides a range of additional features. Some of these include; enhanced connectivity to on premises servers, more detailed auditing and user control, the ability to monitor usage of web based applications and more. This means you only need to pay for the features you need and have them automatically provisioned by Microsoft.
Managing and maintaining identity in today’s environment is a complex task, not to mention the necessity of making it available everywhere at all times. Using the cloud identity management tools that Microsoft provides via services like Azure AD is a smart way to get industrial strength protection and availability, as well as complete flexibility in the way it is configured. This is why Office 365 utilises Azure AD and why you should also.