Microsoft Entra Permissions Management AMA 2023
Event details
If you attended our Permissions Management swarm and have any additional questions about the CIEM solution, join our Ask Me Anything event to get your questions answered by our product experts!
An AMA is a live text-based online event similar to a “YamJam” on Yammer or an “Ask Me Anything” on Reddit. This AMA gives you the opportunity to connect with Microsoft product experts who will be on hand to answer your questions and listen to feedback.
Feel free to post your questions about Entra Permissions Management anytime in the comments below beforehand, if it fits your schedule or time zone better, though questions will not be answered until the live hour.
26 Comments
- Trevor_Rusher
Community Manager
Thank you for joining our AMA today! We appreciate all the great questions and hope you learned something new! I'll be locking this event to new questions and sharing a summary of the questions and answers in this space in a bit.
- Rajiv Misra
Copper Contributor
What tools do you recommend for protecting your laptop from viruses and attacks?
- singhanmol
Microsoft
Hi Rajiv, this forum today is more specifically related to Microsoft Entra Permissions Management (MEPM), which is our CIEM tool. Regarding your question, Microsoft Defender for Endpoint is our endpoint protection platform to prevent, detect, investigate, and respond to advanced threats. For more, please refer to https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint?view=o365-worldwide.
- John Willson
Copper Contributor
Similar to Andy Bowen's question: Are there plans to improve the ID management between Microsoft and (software X - such as CKAN etc)? An open API (encrypted but published not completely open) between third party software products such as say ChatGPT conversations?
- singhanmol
Microsoft
Hi John, we offer an extensive RESTful API platform, Microsoft Graph (https://learn.microsoft.com/en-us/graph/overview), that enables third-party software platforms (like the ones you mentioned, Software X and ChatGPT) to access Microsoft Cloud services, including Microsoft identity platform that helps you build applications for users and customers to sign in and integrate with our identity services.
- John Willson
Copper Contributor
Thanks Anmol. OData with encryption or hashing would work, didn't know it was on Graph.
- Andy Bowen
Copper Contributor
Are there plans to improve the ID management between Microsoft and VMware Horizons?
- dinglehart
Copper Contributor
I would like to be able to get compliance info into AAD from VMware Workspace One.
- lauraviarengo
Microsoft
Hi David! For questions about Azure AD, please visit the Azure AD discussion page: https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad/bd-p/Azure-Active-Directory
- SteveBall
Microsoft
Thanks Andy - we hope to enable vSphere as a data source for Entra Permissions Management in the future, but could you clarify more details about what scenarios you'd like to see covering ID management for Horizons?
- dinglehart
Copper Contributor
Do you have a publicly available roadmap for upcoming features?
- SteveBall
Microsoft
Hi David - great question, we do not have a (public) roadmap update yet, however we are continuously working on new scenarios and features for Entra and Entra Permissions Management. If you have a specific scenario, need, or request, we'd love to hear more details?
- Rajiv Misra
Copper Contributor
What is your security tool Microsoft Defender?
- lauraviarengo
Microsoft
Hi Rajiv! More information about Microsoft Defender can be found here: https://www.microsoft.com/en-us/security/business/endpoint-security/microsoft-defender-business
- Patrick Goggins
Copper Contributor
Will Entra introduce reduced privilege capabilities around OAuth token administration? How about browser based adding/deleting/updating? Currently GA permissions and uploading csv files are required for use.
- SteveBall
Microsoft
Thank you, Patrick. We're working on developing and releasing new scenarios in a short term and longer term roadmap - we'd love to hear your ideas (like OAuth token support which we do not support today.) Our current remediation processes are browser-based (or you can remediate via cutting and pasting scripts from Entra Permissions Management into the console of choice.) If useful, could you expand on your CSV comment to clarify what you'd like to see with more detail?
- Patrick Goggins
Copper Contributor
Currently using the (https://entra.microsoft.com/#view/Microsoft_AAD_IAM/MultifactorAuthenticationMenuBlade/~/HardwareTokens/fromProviders~/false?Microsoft_AAD_IAM_legacyAADRedirect=true) link to manage OAuth tokens. Uploading of CSVs is ok for bulk loading but once devices are uploaded, they cannot be changed from the portal without deleting and re-uploading by a Global Administrator. Really would like to delegate administration to our Service Desk staff for regular users. Additionally, being able to add/change device mappings from the web interface. For ease of administration for delegated admins, it would be nice if this was exposed within the UserProfileMenuBlade under "Authentication methods" for a given user.
- John Willson
Copper Contributor
Has Entra been reviewed by ISACA or other umbrella auditing organization? If not, what is the relationship of Entra to regular/annual IT audits?
- singhanmol
Microsoft
We adhere to multiple industry regulations, compliance and audit reports that you could find here on the service trust portal at: https://servicetrust.microsoft.com/Documents/ComplianceReports. Here is an additional link to the documentation specific to reporting and monitoring in Azure AD: https://learn.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-audit-logs
- John Willson
Copper Contributor
Thanks - Having SOC is enough for most.
- Trevor_Rusher
Community Manager
Welcome to the Microsoft Entra Permissions Management Ask Microsoft Anything (AMA)! This live hour gives you the opportunity to ask questions directly to the Microsoft team. Please post any questions in a separate, new comment thread. Thanks!
- Naresh2174
Copper Contributor
What is the baseline or benchmark that Entra uses to indicate the risk or issue?
- singhanmol
Microsoft
Hi Naresh, if your question refers to Microsoft Entra Permissions Management, our CIEM solution, we use PCI (Permissions Creep Index) as a quantitative measure of risk associated with an identity or role, determined by comparing permissions granted versus permissions exercised. It allows you to instantly evaluate the level of risk associated with the number of unused or over-provisioned permissions across identities and resources.