Just amazing; also when it comes to things like the update «EU Data Boundary for the Microsoft Cloud», and even for countries such as Norway with some laws or regulations against very specific data not being stored outside our borders. Just love it because of those who just try to go backwards in time, but Azure AD is built to support no limits and no borders in the clouds, and now you can, if you want, set some limits. Even though they might soon come to the different solutions and conclusions; when times go by and laws are more modified to support the wider and, for the lawmakers right now, the unseen benefits.
When everything else is moved to the clouds and the local office data rooms are closed, you might find those GDPR or Schrems2 data stored in old non-updated and unprotected machines or USB storage in the common areas, and sometimes controlled by the national HR boss in the company; unprotected and easy to walk away with: not so safe compared with the clouds.
BTW:
I have shown in the Azure AD B2C environment, our identity playground, the benefit of an extensible workflow, where such data can be protected against M(an)I(n)T(he)M(iddle) or even from your cloud provider: the ability to encrypt data not only in the cloud, but also in different cloud or OnPrem systems. Even the ability to control MFA factors OnPrem, or even better the ability to use OneCloudSecureIdentity to several OnPrem, IMs, IDPs or different other cloud identities, or to control a more natural human lifetime, where we also support earlier stages where parents need insight into their children’s digital identities and the other side where children help the parents when they become too old to manage everything on their own. The natural life cycle also ends, at least as long as we haven’t solved the aging process; we aren’t yet as hydra:
https://www.nature.com/articles/nature.2013.14322
It’s quite easy to design identity systems, but not to make an ideal one for every situation and for any system. Especially when we add all the different attempts to it and make it far more difficult to do identity theft; when we add biometrics, different MFA factors, CAE and a proper Conditional Access concept. There are also a lot of those crypto coins being lost because of bad designs. A proper O(n)B(ehalf)O(f) design might also be used to support the old fortresses OnPrem, where it’s a lot of limitations also taken when we hadn’t any clouds or cloud identities. We have just started Zero Trust Architecture concepts and it will evolve to something far better in the future, where we move from the static to a far more dynamic secure world. When we do a redesign we seldom make things worse, since we improve and use our improved insight to make it far better. The work Sue Bohn’s teams are doing is amazing, and the work Robin Goldstein’s teams do to improve external identities in the main tenant is extremely important for the future possibilities. To our friends in the identity team: keep the good work going; it’s just amazing the possibilities to come if we do it properly together: “If you want to go fast go alone, if you want to go far go together”.