07-29-2020, 09:12 AM
Identity strategy: staying ahead of evolving customer needs
<div style="margin: 5px 5% 10px 5%;"><img src="https://www.sickgaming.net/blog/wp-content/uploads/2020/07/identity-strategy-staying-ahead-of-evolving-customer-needs.png" width="1200" height="630" title="" alt="" /></div><div><div><img src="https://www.sickgaming.net/blog/wp-content/uploads/2020/07/identity-strategy-staying-ahead-of-evolving-customer-needs.png" class="ff-og-image-inserted"></div>
<p>Last June, when I shared the <a href="https://www.microsoft.com/security/blog/2019/06/24/5-principles-driving-customer-obsessed-identity-strategy-microsoft/" target="_blank" rel="noopener noreferrer">5 principles driving a customer-obsessed identity strategy at Microsoft</a>, many of you had embraced the idea of a boundaryless environment, but relatively few had implemented it in practice. A global pandemic made remote access essential and forced many of you to accelerate your digital transformation plans.</p>
<p>The new reality requires not only supporting secure remote productivity and collaboration, but also other remote operations, such as onboarding, offboarding, and training employees. And this reality will continue for the near future. According to our most recent <a href="https://www.microsoft.com/en-us/microsoft-365/blog/2020/07/08/future-work-good-challenging-unknown/" target="_blank" rel="noopener noreferrer">Work Life Index</a>, 71 percent of employees and managers (Information Workers) reported a desire to continue working from home at least part-time post-pandemic.</p>
<p>Your experiences and insights have helped shape the investments we’re making in our identity services for the coming year and beyond. Today, I’m sharing with you the updated set of guiding principles we’re following to deliver a secure and scalable identity solution that’s seamless for your end-users.</p>
<h3>Secure adaptive access</h3>
<p><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671">An identity system that is secure from the ground up continues to drive our product investments. In a recent survey of over 500 security executives, achieving a high level of protection without impeding user productivity was rated the number one challenge. </span></span><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671">Using risk-based </span></span><a class="Hyperlink BCX0 SCXW41151671" href="https://docs.microsoft.com/azure/active-directory/conditional-access/overview" target="_blank" rel="noreferrer noopener"><span class="TextRun Underlined BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="none"><span class="NormalTextRun BCX0 SCXW41151671" data-ccp-charstyle="Hyperlink">Conditional Access</span></span></a><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671"> policies in Azure AD, you can protect sensitive data with minimal friction to your end-users. Th</span></span><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671">is</span></span><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671"> combines the power of </span></span><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671">I</span></span><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671">dentity </span></span><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671">P</span></span><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671">rotection with </span></span><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671">C</span></span><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671">onditional </span></span><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671">A</span></span><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671">ccess to only prompt users when the sign-in is considered risky.</span></span><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671"> </span></span></p>
<p><span data-contrast="auto">To enhance identity security, we’re investing in compromise prevention technologies such as <a href="https://techcommunity.microsoft.com/t5/azure-active-directory-identity/introducing-security-defaults/ba-p/1061414" target="_blank" rel="noopener noreferrer">security defaults</a>, attack blocking, and password protection, as well as reputation and anti-abuse systems. Security mechanisms like end-user notifications and in-line interrupts can help everyone defend themselves from malicious actors. Every day, our data scientists and investigators evaluate the threat and log data to gather real-world insights, so they can adjust our machine learning algorithms to recognize and protect our customers from the latest threats.</span><span data-contrast="auto"> </span><span data-ccp-props="{"134233279":true,"201341983":0,"335559685":720,"335559739":120,"335559740":240}"> </span><span data-ccp-props="{"134233279":true,"201341983":0,"335559685":720,"335559739":120,"335559740":240}"> </span></p>
<p><span data-contrast="auto">Our product and ecosystem investments are guided by embracing </span><a href="https://www.microsoft.com/security/business/zero-trust" target="_blank" rel="noopener noreferrer"><span data-contrast="none">Zero Trust</span></a><span data-contrast="auto"> security strategy as our worldview. We build Azure AD on the principles of Zero</span><span data-contrast="auto"> Trust</span><span data-contrast="auto"> to make implementing this model across your entire digital estate achievable at scale.</span><span data-ccp-props="{"134233279":true,"201341983":0,"335559685":720,"335559739":120,"335559740":240}"> </span></p>
<h3>Seamless user experiences</h3>
<p>When your employees need to get things done, delivering a great user experience is essential. <span data-contrast="auto">Employees who interact directly with customers, patients, and citizens need tools that are simple to learn and use. Because an easy, fast sign-in experience can make all the difference for your users—and your Help Desk—we’re continuing our investments in Firstline Worker scenarios to address the challenges they face, for example, by providing seamless handoffs of shared mobile devices and enhancing tools and workflows for managers.</span><span data-ccp-props="{"201341983":0,"335559739":120,"335559740":240}"> </span></p>
<p><span data-contrast="auto">We’ve seen more interest than ever in minimizing the use of passwords and </span><a href="https://www.microsoft.com/security/blog/2020/05/07/protect-accounts-smarter-ways-sign-in-world-passwordless-day/" target="_blank" rel="noopener noreferrer"><span data-contrast="none">eliminating them completely</span></a><span data-contrast="auto">. We continue our commitment to identity standards that help scale the technology and make it more useful and accessible for everyone. </span><span data-contrast="auto">We’re also </span><span data-contrast="auto">developing</span><span data-contrast="auto"> easy-to-use self-service options for end-users, </span><span data-contrast="auto">such as</span><span data-contrast="auto"> managing security information, requesting access to apps and groups, and getting automatic recommendations for approved applications based on what peers are using most. </span><span data-ccp-props="{"201341983":0,"335559739":120,"335559740":240}"> </span></p>
<p><span data-contrast="auto">Your customers, business partners, and suppliers also deserve a great, consumer-grade sign-in and collaboration experience. With the </span><a href="https://techcommunity.microsoft.com/t5/azure-active-directory-identity/evolving-azure-ad-for-every-user-and-any-identity-with-external/ba-p/1257361" target="_blank" rel="noopener noreferrer"><span data-contrast="none">External Identities feature in Azure AD</span></a><span data-contrast="auto">, we are investing in making it easier for organizations and developers to secure, manage, and build apps that connect with different users outside your organization.</span><span data-contrast="auto"> </span><span data-ccp-props="{"201341983":0,"335559739":120,"335559740":240}"> </span></p>
<p><span data-contrast="auto">We’re also looking ahead to technologies that respect everyone’s privacy</span><span data-contrast="auto">,</span><span data-contrast="auto"> such as </span><a href="https://techcommunity.microsoft.com/t5/azure-active-directory-identity/building-trust-into-digital-experiences-with-decentralized/ba-p/1257362" target="_blank" rel="noopener noreferrer"><span data-contrast="none">decentralized identity</span></a><span data-contrast="auto"> systems and verifiable credentials, that can verify information about an individual without requiring another username and password. Verifiable credentials are based on open standards from W3C and leverage the OIDC protocol, so you will be able to incorporate them into your existing systems.</span><span data-ccp-props="{"201341983":0,"335559739":120,"335559740":252}"> </span></p>
<h3>Unified identity management</h3>
<p><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 DefaultHighlightTransition SCXW6640760">I</span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW6640760">t’s hard to scale and manage security when you have overlapping products from multiple vendors that need to work together. You have a portfolio of on-premises and cloud-based applications that you need to manage </span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 DefaultHighlightTransition SCXW6640760">and provide secure access to your users</span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW6640760">. W</span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 DefaultHighlightTransition SCXW6640760">e ar</span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW6640760">e simplifying </span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 DefaultHighlightTransition SCXW6640760">these </span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW6640760">experiences in Azure AD, making it easier to manage all your </span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 DefaultHighlightTransition SCXW6640760">applications for all your users in a single place</span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW6640760">. We’</span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 DefaultHighlightTransition SCXW6640760">re</span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW6640760"> also consolidat</span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 DefaultHighlightTransition SCXW6640760">ing</span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW6640760"> our APIs into Microsoft Graph to unify programmatic access to and management of data across workloads in Microsoft 365, including Azure AD.</span></span><span class="EOP BCX0 SCXW6640760" data-ccp-props="{"201341983":0,"335559739":120,"335559740":240}"> </span></p>
<p><span class="TextRun SCXW262236321 BCX0" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun SCXW262236321 BCX0">By embracing open standards, we can help you more easily manage and secure your hybrid environment. We’re working with partners like </span></span><a class="Hyperlink SCXW262236321 BCX0" href="https://blog.box.com/enhancing-interoperability-microsoft-365-transform-work" target="_blank" rel="noreferrer noopener"><span class="TextRun Underlined SCXW262236321 BCX0" lang="EN-US" xml:lang="EN-US" data-contrast="none"><span class="NormalTextRun SCXW262236321 BCX0" data-ccp-charstyle="Hyperlink">Box</span></span></a><span class="TextRun SCXW262236321 BCX0" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun SCXW262236321 BCX0"> and </span></span><a class="Hyperlink SCXW262236321 BCX0" href="https://news.microsoft.com/2020/05/27/microsoft-workday-announce-strategic-partnership-to-accelerate-planning-for-todays-world/" target="_blank" rel="noreferrer noopener"><span class="TextRun Underlined SCXW262236321 BCX0" lang="EN-US" xml:lang="EN-US" data-contrast="none"><span class="NormalTextRun SCXW262236321 BCX0" data-ccp-charstyle="Hyperlink">Workday</span></span></a><span class="TextRun SCXW262236321 BCX0" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun SCXW262236321 BCX0"> to further deepen our product integrations and streamline identity processes. Azure AD is pre-integrated with thousands of SaaS applications, </span></span><span class="TextRun SCXW262236321 BCX0" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun SCXW262236321 BCX0">and more to come, </span></span><span class="TextRun SCXW262236321 BCX0" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun SCXW262236321 BCX0">so you can provide users one set of credentials for </span></span><a class="Hyperlink SCXW262236321 BCX0" href="https://www.microsoft.com/en-us/security/business/identity/secure-application-access" target="_blank" rel="noreferrer noopener"><span class="TextRun Underlined SCXW262236321 BCX0" lang="EN-US" xml:lang="EN-US" data-contrast="none"><span class="NormalTextRun SCXW262236321 BCX0" data-ccp-charstyle="Hyperlink">secure access to any application</span></span></a><span class="TextRun SCXW262236321 BCX0" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun SCXW262236321 BCX0">. </span></span><span class="TextRun SCXW262236321 BCX0" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun SCXW262236321 BCX0">We are continuing to extend capabilities in Azure AD so that you can migrate access for all your applications to be </span><span class="NormalTextRun ContextualSpellingAndGrammarErrorV2 GrammarErrorHighlight SCXW262236321 BCX0">managed</span><span class="NormalTextRun SCXW262236321 BCX0"> in the cloud.</span></span><span class="EOP SCXW262236321 BCX0" data-ccp-props="{"201341983":0,"335559739":120,"335559740":240}"> </span></p>
<h3>Simplified identity governance</h3>
<p><span data-contrast="auto">While having the ability to control access requests, approvals, and privileges in a timely and efficient manner is key, traditional identity governance and privileged access management solutions can be cumbersome and inflexible. This is true particularly now that these workflows are more often done remotely than in person. P</span><span data-contrast="auto">roviding</span><span data-contrast="auto"> every user</span><span data-contrast="auto"> access to the apps and files </span><span data-contrast="auto">they </span><span data-contrast="auto">need should be as simple as </span><a href="https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-overview#what-are-access-packages-and-what-resources-can-i-manage-with-them" target="_blank" rel="noopener noreferrer"><span data-contrast="none">defining access packages</span></a><span data-contrast="auto"> and group assignments upfront</span><span data-contrast="auto">. Onboarding and offboarding employees then become easy with an automated solution connected to your HR system.</span><span data-ccp-props="{"201341983":0,"335559739":120,"335559740":240}"> </span></p>
<p><span data-contrast="auto">We want to help more companies adopt these scenarios and incorporate our machine learning technology in Azure AD to provide better recommendations and alerts in response to unusual behavior or too many unnecessary privileges. Our goal is for these capabilities to span both employee and </span><span data-contrast="auto">external identity</span><span data-contrast="auto"> scenarios, built in the cloud for maximum benefit. This will help strengthen your overall security, efficiency, and compliance.</span><span data-ccp-props="{"201341983":0,"335559739":120,"335559740":240}"> </span><span data-ccp-props="{"201341983":0,"335559739":120,"335559740":240}"> </span></p>
<p><span data-contrast="auto">The last several months have been a whirlwind for all of us. We’re in it with you, committed to helping you on your digital transformation journey. Whatever happens, you can be sure that we’ll continue to listen to your feedback and input, so we can evolve our engineering priorities and principles to help you stay ahead and prepare for what comes next. Thank you for your continued trust! </span><span data-ccp-props="{"201341983":0,"335559739":120,"335559740":240}"> </span></p>
<p>To learn more about Microsoft Security solutions visit our <a href="https://www.microsoft.com/en-us/security/business/solutions" target="_blank" rel="noopener noreferrer">website.</a> Bookmark the <a href="https://www.microsoft.com/security/blog/" target="_blank" rel="noopener noreferrer">Security blog</a> to keep up with our expert coverage on security matters. Also, follow us at <a href="https://twitter.com/@MSFTSecurity" target="_blank" rel="noopener noreferrer">@MSFTSecurity</a> for the latest news and updates on cybersecurity.</p>
</div>
https://www.sickgaming.net/blog/2020/07/...mer-needs/
<div style="margin: 5px 5% 10px 5%;"><img src="https://www.sickgaming.net/blog/wp-content/uploads/2020/07/identity-strategy-staying-ahead-of-evolving-customer-needs.png" width="1200" height="630" title="" alt="" /></div><div><div><img src="https://www.sickgaming.net/blog/wp-content/uploads/2020/07/identity-strategy-staying-ahead-of-evolving-customer-needs.png" class="ff-og-image-inserted"></div>
<p>Last June, when I shared the <a href="https://www.microsoft.com/security/blog/2019/06/24/5-principles-driving-customer-obsessed-identity-strategy-microsoft/" target="_blank" rel="noopener noreferrer">5 principles driving a customer-obsessed identity strategy at Microsoft</a>, many of you had embraced the idea of a boundaryless environment, but relatively few had implemented it in practice. A global pandemic made remote access essential and forced many of you to accelerate your digital transformation plans.</p>
<p>The new reality requires not only supporting secure remote productivity and collaboration, but also other remote operations, such as onboarding, offboarding, and training employees. And this reality will continue for the near future. According to our most recent <a href="https://www.microsoft.com/en-us/microsoft-365/blog/2020/07/08/future-work-good-challenging-unknown/" target="_blank" rel="noopener noreferrer">Work Life Index</a>, 71 percent of employees and managers (Information Workers) reported a desire to continue working from home at least part-time post-pandemic.</p>
<p>Your experiences and insights have helped shape the investments we’re making in our identity services for the coming year and beyond. Today, I’m sharing with you the updated set of guiding principles we’re following to deliver a secure and scalable identity solution that’s seamless for your end-users.</p>
<h3>Secure adaptive access</h3>
<p><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671">An identity system that is secure from the ground up continues to drive our product investments. In a recent survey of over 500 security executives, achieving a high level of protection without impeding user productivity was rated the number one challenge. </span></span><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671">Using risk-based </span></span><a class="Hyperlink BCX0 SCXW41151671" href="https://docs.microsoft.com/azure/active-directory/conditional-access/overview" target="_blank" rel="noreferrer noopener"><span class="TextRun Underlined BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="none"><span class="NormalTextRun BCX0 SCXW41151671" data-ccp-charstyle="Hyperlink">Conditional Access</span></span></a><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671"> policies in Azure AD, you can protect sensitive data with minimal friction to your end-users. Th</span></span><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671">is</span></span><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671"> combines the power of </span></span><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671">I</span></span><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671">dentity </span></span><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671">P</span></span><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671">rotection with </span></span><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671">C</span></span><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671">onditional </span></span><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671">A</span></span><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671">ccess to only prompt users when the sign-in is considered risky.</span></span><span class="TextRun BCX0 SCXW41151671" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW41151671"> </span></span></p>
<p><span data-contrast="auto">To enhance identity security, we’re investing in compromise prevention technologies such as <a href="https://techcommunity.microsoft.com/t5/azure-active-directory-identity/introducing-security-defaults/ba-p/1061414" target="_blank" rel="noopener noreferrer">security defaults</a>, attack blocking, and password protection, as well as reputation and anti-abuse systems. Security mechanisms like end-user notifications and in-line interrupts can help everyone defend themselves from malicious actors. Every day, our data scientists and investigators evaluate the threat and log data to gather real-world insights, so they can adjust our machine learning algorithms to recognize and protect our customers from the latest threats.</span><span data-contrast="auto"> </span><span data-ccp-props="{"134233279":true,"201341983":0,"335559685":720,"335559739":120,"335559740":240}"> </span><span data-ccp-props="{"134233279":true,"201341983":0,"335559685":720,"335559739":120,"335559740":240}"> </span></p>
<p><span data-contrast="auto">Our product and ecosystem investments are guided by embracing </span><a href="https://www.microsoft.com/security/business/zero-trust" target="_blank" rel="noopener noreferrer"><span data-contrast="none">Zero Trust</span></a><span data-contrast="auto"> security strategy as our worldview. We build Azure AD on the principles of Zero</span><span data-contrast="auto"> Trust</span><span data-contrast="auto"> to make implementing this model across your entire digital estate achievable at scale.</span><span data-ccp-props="{"134233279":true,"201341983":0,"335559685":720,"335559739":120,"335559740":240}"> </span></p>
<h3>Seamless user experiences</h3>
<p>When your employees need to get things done, delivering a great user experience is essential. <span data-contrast="auto">Employees who interact directly with customers, patients, and citizens need tools that are simple to learn and use. Because an easy, fast sign-in experience can make all the difference for your users—and your Help Desk—we’re continuing our investments in Firstline Worker scenarios to address the challenges they face, for example, by providing seamless handoffs of shared mobile devices and enhancing tools and workflows for managers.</span><span data-ccp-props="{"201341983":0,"335559739":120,"335559740":240}"> </span></p>
<p><span data-contrast="auto">We’ve seen more interest than ever in minimizing the use of passwords and </span><a href="https://www.microsoft.com/security/blog/2020/05/07/protect-accounts-smarter-ways-sign-in-world-passwordless-day/" target="_blank" rel="noopener noreferrer"><span data-contrast="none">eliminating them completely</span></a><span data-contrast="auto">. We continue our commitment to identity standards that help scale the technology and make it more useful and accessible for everyone. </span><span data-contrast="auto">We’re also </span><span data-contrast="auto">developing</span><span data-contrast="auto"> easy-to-use self-service options for end-users, </span><span data-contrast="auto">such as</span><span data-contrast="auto"> managing security information, requesting access to apps and groups, and getting automatic recommendations for approved applications based on what peers are using most. </span><span data-ccp-props="{"201341983":0,"335559739":120,"335559740":240}"> </span></p>
<p><span data-contrast="auto">Your customers, business partners, and suppliers also deserve a great, consumer-grade sign-in and collaboration experience. With the </span><a href="https://techcommunity.microsoft.com/t5/azure-active-directory-identity/evolving-azure-ad-for-every-user-and-any-identity-with-external/ba-p/1257361" target="_blank" rel="noopener noreferrer"><span data-contrast="none">External Identities feature in Azure AD</span></a><span data-contrast="auto">, we are investing in making it easier for organizations and developers to secure, manage, and build apps that connect with different users outside your organization.</span><span data-contrast="auto"> </span><span data-ccp-props="{"201341983":0,"335559739":120,"335559740":240}"> </span></p>
<p><span data-contrast="auto">We’re also looking ahead to technologies that respect everyone’s privacy</span><span data-contrast="auto">,</span><span data-contrast="auto"> such as </span><a href="https://techcommunity.microsoft.com/t5/azure-active-directory-identity/building-trust-into-digital-experiences-with-decentralized/ba-p/1257362" target="_blank" rel="noopener noreferrer"><span data-contrast="none">decentralized identity</span></a><span data-contrast="auto"> systems and verifiable credentials, that can verify information about an individual without requiring another username and password. Verifiable credentials are based on open standards from W3C and leverage the OIDC protocol, so you will be able to incorporate them into your existing systems.</span><span data-ccp-props="{"201341983":0,"335559739":120,"335559740":252}"> </span></p>
<h3>Unified identity management</h3>
<p><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 DefaultHighlightTransition SCXW6640760">I</span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW6640760">t’s hard to scale and manage security when you have overlapping products from multiple vendors that need to work together. You have a portfolio of on-premises and cloud-based applications that you need to manage </span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 DefaultHighlightTransition SCXW6640760">and provide secure access to your users</span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW6640760">. W</span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 DefaultHighlightTransition SCXW6640760">e ar</span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW6640760">e simplifying </span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 DefaultHighlightTransition SCXW6640760">these </span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW6640760">experiences in Azure AD, making it easier to manage all your </span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 DefaultHighlightTransition SCXW6640760">applications for all your users in a single place</span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW6640760">. We’</span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 DefaultHighlightTransition SCXW6640760">re</span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW6640760"> also consolidat</span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 DefaultHighlightTransition SCXW6640760">ing</span></span><span class="TextRun BCX0 SCXW6640760" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun BCX0 SCXW6640760"> our APIs into Microsoft Graph to unify programmatic access to and management of data across workloads in Microsoft 365, including Azure AD.</span></span><span class="EOP BCX0 SCXW6640760" data-ccp-props="{"201341983":0,"335559739":120,"335559740":240}"> </span></p>
<p><span class="TextRun SCXW262236321 BCX0" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun SCXW262236321 BCX0">By embracing open standards, we can help you more easily manage and secure your hybrid environment. We’re working with partners like </span></span><a class="Hyperlink SCXW262236321 BCX0" href="https://blog.box.com/enhancing-interoperability-microsoft-365-transform-work" target="_blank" rel="noreferrer noopener"><span class="TextRun Underlined SCXW262236321 BCX0" lang="EN-US" xml:lang="EN-US" data-contrast="none"><span class="NormalTextRun SCXW262236321 BCX0" data-ccp-charstyle="Hyperlink">Box</span></span></a><span class="TextRun SCXW262236321 BCX0" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun SCXW262236321 BCX0"> and </span></span><a class="Hyperlink SCXW262236321 BCX0" href="https://news.microsoft.com/2020/05/27/microsoft-workday-announce-strategic-partnership-to-accelerate-planning-for-todays-world/" target="_blank" rel="noreferrer noopener"><span class="TextRun Underlined SCXW262236321 BCX0" lang="EN-US" xml:lang="EN-US" data-contrast="none"><span class="NormalTextRun SCXW262236321 BCX0" data-ccp-charstyle="Hyperlink">Workday</span></span></a><span class="TextRun SCXW262236321 BCX0" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun SCXW262236321 BCX0"> to further deepen our product integrations and streamline identity processes. Azure AD is pre-integrated with thousands of SaaS applications, </span></span><span class="TextRun SCXW262236321 BCX0" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun SCXW262236321 BCX0">and more to come, </span></span><span class="TextRun SCXW262236321 BCX0" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun SCXW262236321 BCX0">so you can provide users one set of credentials for </span></span><a class="Hyperlink SCXW262236321 BCX0" href="https://www.microsoft.com/en-us/security/business/identity/secure-application-access" target="_blank" rel="noreferrer noopener"><span class="TextRun Underlined SCXW262236321 BCX0" lang="EN-US" xml:lang="EN-US" data-contrast="none"><span class="NormalTextRun SCXW262236321 BCX0" data-ccp-charstyle="Hyperlink">secure access to any application</span></span></a><span class="TextRun SCXW262236321 BCX0" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun SCXW262236321 BCX0">. </span></span><span class="TextRun SCXW262236321 BCX0" lang="EN-US" xml:lang="EN-US" data-contrast="auto"><span class="NormalTextRun SCXW262236321 BCX0">We are continuing to extend capabilities in Azure AD so that you can migrate access for all your applications to be </span><span class="NormalTextRun ContextualSpellingAndGrammarErrorV2 GrammarErrorHighlight SCXW262236321 BCX0">managed</span><span class="NormalTextRun SCXW262236321 BCX0"> in the cloud.</span></span><span class="EOP SCXW262236321 BCX0" data-ccp-props="{"201341983":0,"335559739":120,"335559740":240}"> </span></p>
<h3>Simplified identity governance</h3>
<p><span data-contrast="auto">While having the ability to control access requests, approvals, and privileges in a timely and efficient manner is key, traditional identity governance and privileged access management solutions can be cumbersome and inflexible. This is true particularly now that these workflows are more often done remotely than in person. P</span><span data-contrast="auto">roviding</span><span data-contrast="auto"> every user</span><span data-contrast="auto"> access to the apps and files </span><span data-contrast="auto">they </span><span data-contrast="auto">need should be as simple as </span><a href="https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-overview#what-are-access-packages-and-what-resources-can-i-manage-with-them" target="_blank" rel="noopener noreferrer"><span data-contrast="none">defining access packages</span></a><span data-contrast="auto"> and group assignments upfront</span><span data-contrast="auto">. Onboarding and offboarding employees then become easy with an automated solution connected to your HR system.</span><span data-ccp-props="{"201341983":0,"335559739":120,"335559740":240}"> </span></p>
<p><span data-contrast="auto">We want to help more companies adopt these scenarios and incorporate our machine learning technology in Azure AD to provide better recommendations and alerts in response to unusual behavior or too many unnecessary privileges. Our goal is for these capabilities to span both employee and </span><span data-contrast="auto">external identity</span><span data-contrast="auto"> scenarios, built in the cloud for maximum benefit. This will help strengthen your overall security, efficiency, and compliance.</span><span data-ccp-props="{"201341983":0,"335559739":120,"335559740":240}"> </span><span data-ccp-props="{"201341983":0,"335559739":120,"335559740":240}"> </span></p>
<p><span data-contrast="auto">The last several months have been a whirlwind for all of us. We’re in it with you, committed to helping you on your digital transformation journey. Whatever happens, you can be sure that we’ll continue to listen to your feedback and input, so we can evolve our engineering priorities and principles to help you stay ahead and prepare for what comes next. Thank you for your continued trust! </span><span data-ccp-props="{"201341983":0,"335559739":120,"335559740":240}"> </span></p>
<p>To learn more about Microsoft Security solutions visit our <a href="https://www.microsoft.com/en-us/security/business/solutions" target="_blank" rel="noopener noreferrer">website.</a> Bookmark the <a href="https://www.microsoft.com/security/blog/" target="_blank" rel="noopener noreferrer">Security blog</a> to keep up with our expert coverage on security matters. Also, follow us at <a href="https://twitter.com/@MSFTSecurity" target="_blank" rel="noopener noreferrer">@MSFTSecurity</a> for the latest news and updates on cybersecurity.</p>
</div>
https://www.sickgaming.net/blog/2020/07/...mer-needs/