This month, our team is busy participating in several industry events – the RSA Conference, Gartner IAM and Microsoft Build – and sharing the new partnerships and integrations we’ve developed to help support your Zero Trust strategy.
Reflecting on last year, the RSA Conference in 2020 was my last in-person business trip before the pandemic. I loved connecting with our customers and partners to celebrate their hard work and discuss future opportunities to collaborate. I also enjoyed announcing the recipients of our Microsoft Security Partner Awards last week. While the RSA Conference is virtual this year, I was able to continue my tradition of celebrating our partners at our Microsoft Security Partner Awards.
Congratulations to all the winners of Microsoft Security Partner Awards! Something else worth celebrating? Exciting new integrations from our key alliance partners.
The general availability of Azure AD passwordless is generating buzz. Many customers are deploying passwordless authentication to improve their Zero Trust strategy. The Government of Nunavut, for example, turned to phishing-resistant FIDO2-based YubiKeys after experiencing a ransomware attack.
This month, I want to highlight two new FIDO2 security keys with biometric sensors.
Nymi Workplace Wearables: This is our first wearable FIDO2 device that uses both fingerprint and heartbeat sensors to continuously authenticate you. You can use this device to access Azure AD-connected applications and physical buildings without regularly touching the device. Learn more about how the Nymi Workplace Wearable works by watching this video.
Kensington VeriMark IT Fingerprint Key: This new FIDO2 device has a simple design and Match-in-Sensor Fingerprint Technology, which combines high biometric performance and 360-degree readability with anti-spoofing technology. It exceeds industry standards for false rejection rate (FRR 2%) and false acceptance rate (FAR 0.001%). Fingerprint data is also isolated and secured in the sensor, so only an encrypted match is transferred.
FIDO2 security keys are just one of the ways – along with Windows Hello for Business and the Microsoft Authenticator app – organizations can go passwordless. You can find the list of FIDO2 security key providers that are compatible with our passwordless experience in our documentation here.
Last year, F5 and Microsoft launched a simplified user and administrator experience for application access to help customers enable their workforce to access all apps, including apps that use legacy authentication, seamlessly and securely when working from home. Since then, we’ve seen the use of the F5 BIG-IP Access Policy Manager (APM) integration increase nearly three times, with customers like Durham County and Johnson Controls using these capabilities to help deploy their Zero Trust strategy.
To make it easier for customers to protect their apps with F5 BIG-IP APM, F5 has developed an integration that allows customers to apply Conditional Access policies directly in the F5 BIG-IP APM interface. Customers will be able to streamline policy enforcement, such as requiring multi-factor authentication (MFA) for non-compliant devices, for access to their apps behind F5 BIG-IP APM. With this integration, customers can easily extend the power of Conditional Access that they use for their cloud apps to apps that use legacy authentication as well. This integration will be available in the coming months and you can learn more by reading F5’s blog.
Securing access to legacy apps with Azure AD continues to be a critical step to ensure customers can adopt a Zero Trust strategy. Our secure hybrid access partner solutions and Azure AD App Proxy are ways customers can protect their legacy apps with Azure AD. We’ve added three new secure hybrid access partner solutions to give you more choice on how you can secure your legacy apps. These new secure hybrid access partner solutions include Banyan Security, Datawiza Access Broker and Check Point Harmony.
As part of their integration, Datawiza also launched an automated way to integrate legacy apps to Azure AD with their One-Click solution last month. By utilizing the application API in Microsoft Graph, Datawiza’s One-Click solution automates several key application integration steps, eliminating manual steps like the need to toggle between Azure AD and Datawiza’s access management system. For each application, administrators can simply enter basic application information (i.e., location of application) into the Datawiza Cloud Management Console and click a single button to complete the integration with Azure AD.
Our customers need support for a strong network access strategy once they implement Azure AD B2C in their environment. Integrating Cloudflare Web Application Firewall with Azure AD B2C gives customers the ability to write custom security rules (including rate limiting rules), mitigate DDoS attacks, and deploy advanced bot management features. The Cloudflare WAF works by proxying and inspecting traffic towards your application and analyzing the payloads to ensure only non-malicious content reaches your origin servers. By incorporating the Cloudflare integration into Azure AD B2C, customers can ensure that their application is protected against sophisticated attack vectors including zero-day vulnerabilities, malicious automated botnets, and other generic attacks such as those listed in the OWASP Top 10.
Our team continues to add more applications to the Azure AD app gallery so our customers can easily deploy the apps their organizations need. Recently, we added some highly requested apps such as:
In case you missed some of our recent partner integrations you can watch the latest edition of our new partner integration video below.
Helping customers adopt a Zero Trust approach requires us to work closely together with industry partners. I’m grateful for all the partners that have collaborated with us and welcome new partners to build solutions with our identity platform. We’ve added a new section to the Zero Trust Resource Center for ISVs who are creating Zero Trust solutions for partners. You can learn about general integration strategies, creating secure hybrid access solutions, and becoming a Microsoft-compatible FIDO2 hardware vendor. Reach out to me on Twitter @Sue_Bohn to share ideas or leave comments below.
Partner Director of Program Management
Microsoft Identity Division