1 Introduction
Today’s enterprise has very different needs when securing access for employees than it did a decade ago. A clear rise in cloud deployments alongside legacy and on-premises resources has dissolved the traditional perimeter of security, accelerated by remote work and increasing needs for remote access. The threat landscape is evolving, producing more frequent and more sophisticated attacks. Often, the security systems that organizations have put in place cannot sustain the required employee traffic, nor the volume and advanced nature of cyberattacks.
Security concepts and technologies have advanced to address these needs, and there are clear strategies in combining them for most effective outcomes. Organizations must come to terms with the fact that identity is the common foundation in all digital interactions, and it is both the great enabler of smooth business as usual and a critical security factor. For operations to be as efficient and secure as possible, appropriate, least privilege access must be provided to authorized users, from appropriate locations, to specific resources. The Identity Fabric is a concept to help organizations make this a reality.
A simplified view of the KuppingerCole Identity Fabric, seen in figure 1, shows the variety of identities on the far left, for which identity and access must be managed to target systems on the far right. A non-exhaustive list of identity management capabilities, services, and tools is in the center. An ambidextrous ability to integrate these identity services with modern digital and SaaS services as well as back to legacy applications is a must, delivered via an API layer and with connectors, scripts, and code.
A strong Identity Fabric requires secure connectivity and access management to legacy services, on-premises resources, and internet resources. Ideally, organizations would choose or migrate to modern approaches for enabling remote access and internet access, such as zero trust network access (ZTNA) instead of VPNs.
Figure 1: Simplified view of the KuppingerCole Identity Fabric, representing identity for everyone (and everything), from anywhere, to anything
ZTNA provides access controls and authentication and ensures encrypted network communication. ZTNA is a key component within SSE: ZTNA provides the secure access, while SSE manages the secure connection to network, private, and cloud resources.
Onboarding new employees and allowing them to be productive on day one is one of the most challenging scenarios for organizations. It requires trustworthy and privacy-respecting identity verification capabilities and streamlined identity lifecycle processes that enable easy and secure access to all needed resources. For many organizations, these processes are highly manual and disconnected from HR systems and user directories. To ensure least privilege access, it is imperative to unify and automate access rights management across all applications, including legacy on-premises resources.
A smart combination of technologies does not just deliver a handful of use cases; it adds value and security exponentially, bringing the organization closer to a unified, cohesive Identity Fabric.
Although organizations recognize the need to modernize their security concepts and technologies, they need support to get to a complete Zero Trust user access solution. In a 2024 KuppingerCole survey, 84.3% of organizations list Zero Trust as one of their top three cybersecurity initiatives, but over 50% of organizations expect challenges integrating zero trust network access (ZTNA) with their existing infrastructures. This indicates high awareness of, and motivation to adopt, security best practices, but organizations need support in architecting them to be effective across the combination of legacy and cloud-based resources.
The Microsoft Entra Suite is a set of products designed to build on each other to secure access for employees. It combines the security principles of the Identity Fabric (providing appropriate access to everyone, everywhere, to everything), zero trust (the principle of eliminating implicit trust within networks by continuously verifying every stage of a digital interaction), zero trust network access (ZTNA, applying zero trust and least privilege principles to network access), and the security service edge (SSE, designed to provide robust security for users accessing the web, cloud services, and private applications).