Blog Post

Microsoft Entra Blog
5 MIN READ

New identity partnerships and integrations to strengthen your security

Sue Bohn's avatar
Sue Bohn
Icon for Microsoft rankMicrosoft
Nov 03, 2021

This week is Microsoft Ignite and we’re excited to share the latest identity innovations we’ve released to help you be more resilient, secure, and productive across platforms and clouds. In addition to the new innovations we shared earlier this week, we’ve been collaborating with a wide range of technology partners to extend our Azure Active Directory (Azure AD) capabilities. We’ve been working with several partners to develop integrations with the apps you use to provide seamless access and provide better protection across your unique environments. Read on to learn more about new partner integrations now available:

 

New pre-integrated apps available in the Azure AD app gallery

As we partner deeply with independent software vendors (ISVs) on integrating with Azure AD, we are continuing our efforts to add more pre-integrated apps in our Azure AD App gallery. Since July, we’ve added 101 new apps that support federated single sign-on (SSO) and 23 new provisioning connectors. These pre-built integrations make it easier to configure, manage and secure the applications you use with Azure AD. Some notable additions to our Azure AD app gallery include:

 

 

Ensure compliance with separation of duties checks integrated with Pathlock

With separation of duties checks now available in preview in Azure AD entitlement management, customers can now ensure that users do not take on excessive access rights.  Admins and access managers can prevent users from requesting additional access packages if they’re already assigned to other access packages or are a member of other groups that are incompatible with the requested access.

 

Enterprises with critical regulatory requirements for SAP, Oracle and other financial and business apps have historically leveraged specialist IT Governance, Risk management, and Compliance (GRC) vendors for transaction level controls and reporting on access within those apps. With the integrations we’re developing with GRC partners and business app developers, customers will be able to have a single consistent view of access controls and enforce separation of duties checks across their financial and other business critical applications and Azure AD-integrated applications.

 

Recently we’ve partnered with Pathlock, an Access Orchestration vendor, to integrate Azure AD entitlement management into their solution.  This integration enables Pathlock customers to leverage fine-grained separation of duties checks with access packages in Azure AD, and over time will help customers to address Sarbanes Oxley and other compliance requirements for access to 140+ critical business applications.

 

 

Strengthen security with Conditional Access integrations with SentinelOne and Illusive Networks

Too often information, threat intelligence and risk sharing happen in silos and can pose security challenges for customers. That’s why we believe it’s critical to partner across the security ecosystem to ensure our solutions can work well together.

 

Recently we’ve partnered with SentinelOne to integrate Azure AD into the SentinelOne Singularity Platform. With SentinelOne deployed on an endpoint directly and integrated with Azure AD, our joint customers have a mechanism to verify trust continually and automatically with every single user identity or endpoint. Also, information on any impacted user identity found in SentinelOne is shared with Azure AD in real-time, triggering the organization’s Conditional Access policy.

 

 

We also recently partnered with Illusive Networks on integrating Conditional Access policies in Illusive’s Identity Risk Management solution.  Illusive Networks can now help customers reduce attacks on privileged identities by automatically mitigating identity risks and policy violations. This results from stepping up Conditional Access policies when risks are detected on the most sensitive credentials.

 

 

Shaping the verified and secure digital identity for today and the future

Microsoft is partnering with leaders of the identity community to enable a secure and standardized exchange of verified information and credentials, empowering everyone to own and control their own identity with technologies guided by principles of privacy, security, fairness and individual control.

 

Recently, we announced a collaboration with CLEAR, to enable participating CLEAR members the ability to leverage their digital identity in even more places, all while maintaining their privacy and security. This future integration with Azure AD would allow members to access digital credentials, verified by CLEAR, through the Authenticator app -- including but not limited to health status, vaccination records, age validation, payment method, and more.

 

Streamline sign-in and sign-up with IDEMIA mID

Now in preview, Azure AD B2C customers can now enable mobile driver license sign-in/sign-up with IDEMIA mID solution. IDEMIA’s Mobile ID allows citizens to benefit from a government-issued trusted digital ID and leverages a selfie match to verify identity, or by using a self-selected PIN or TouchID/FaceID. Mobile ID allows citizens to control their identities by allowing them to share only the information needed for a transaction.

 

 

New FIPS certified FIDO2 Security Keys

Since the Presidential Executive Order announced in May 2021 we’ve been working with top FIDO2 security key vendors such as Yubico and FEITIAN to complete FIPS 140-2 certification for their solutions and ensure their security keys are compatible with Windows 11 and Azure AD. These new certified keys include:

 

 

FEITIAN Biometric FIDO Security Key: FEITIAN now offers a biometric FIPS 140-2 validated FIDO2 security key and has achieved FIPS 140-2 level 2.

 

Yubico 5 series: Yubico has completed FIPS 140-2 validation for the YubiKey 5 series. FIPS 140-2 validation enables government agencies and regulated industries to meet the highest authenticator assurance level 3 (AAL3) requirements from the new NIST SP800-63B guidance.

 

Get started with the Zero Trust Guidance Center to build your next integration

For partners interested in developing Zero Trust ready solutions that integrate with Microsoft Security products, we recently added a new Technology Partner Integration section to the Zero Trust Resource Center. The new Technology Partner Integration section enables partners to learn about integration opportunities across our Zero Trust technology pillars. To learn how to build a Zero Trust ready solution that integrates with Azure AD, Azure AD B2C and learn about identity scenarios your solution can take advantage of, please check out our Zero Trust identity integration video below:

 

 

We appreciate the partnership across the security ecosystem and look forward to more integrations in the future. Reach out to me on Twitter @Sue_Bohn to share ideas or leave comments below.

 

Best regards,

Sue Bohn

Vice President of Program Management

Microsoft Identity Division

Twitter: @Sue_Bohn

 

 

 

Learn more about Microsoft identity:

Updated Nov 08, 2021
Version 2.0
No CommentsBe the first to comment