What did Microsoft announce?
Microsoft announced a broad renaming of Azure AD and related products under the Microsoft Entra product family that they introduced last year to consolidate all of Microsoft’s identity and access capabilities under one brand. Microsoft also introduced two new services to go after the Secure Services Edge (SSE) market, Entra Internet Access and Entra Private Access. Microsoft repeatedly emphasized that capabilities, licensing plans, and APIs for the existing renamed products would remain unchanged. The move to consolidate these solutions under the Entra umbrella reflects Microsoft’s recognition of the centrality of identity to any modern security solution. As Microsoft CISO Bret Arsenault stated in this week’s announcement webinar, “Identity is the new perimeter.”
What does “Identity is the new perimeter” mean for today’s organizations?
Microsoft’s announcement recognizes that identity security is central to Zero Trust and is the path forward as organizations work to protect their most critical digital assets. Organizations store their data across more systems than ever before, including cloud providers, cloud-based data systems, and SaaS apps. Users include human and non-human identities (e.g., service accounts and machine identities), and those users access data from diverse devices and locations. The traditional perimeter defined by network boundaries no longer provides meaningful protection for that data, so the focus must shift to controlling what identities are authorized to see and do on data spread across the full range of systems.
Microsoft’s view of the identity perimeter remains too narrow.
As Microsoft customers adopt the expanded Entra family of products and increase their reliance on identity-based security controls, they can no longer afford a limited view of the relationship between users, actions, permissions, and data. To create and maintain security controls to both protect data and support business processes (including identity governance, identity access, privileged access, SaaS access security, and more), organizations need the ability to answer one fundamental question:
Who can and should take what action on what data?
While Microsoft can partially address this question with their Entra portfolio for customers who fully commit to the Azure platform, those customers will still have significant blind spots. What about service accounts and machine identities created outside of Microsoft’s identity tools? What about analyzing access to non-Microsoft systems, like Snowflake, GitHub, or Salesforce? What about custom applications? What about multi-cloud with AWS, GCP or Oracle services? What about a multi-identity world encompassing customer identity, and workforce identity?
Meet Veza: The Identity Security Platform
Veza expands visibility and control of the identity perimeter to provide a full view of the entire identity perimeter. Picking up where vendor-specific solutions and legacy IGA tools fall short, Veza finds excess permissions and privilege violations across an organization’s entire identity attack surface. Veza’s graph architecture is the only approach that delivers a comprehensive view of identity for a modern organization with:
- one platform to visualize and manage identities and associated access permissions across your whole enterprise stack, including cloud infrastructure, data warehouses, on-premise systems, and SaaS apps.
- a unified human-readable language that translates system-specific permission jargon into natural language terms everyone can understand: the effective permissions of users to data anywhere and everywhere (create, read, update, and delete.)
- automated monitoring and remediation to continuously identify and fix excessive privilege assignments, separation of duties violations, and misconfigurations.
- access review automation to create and assign access reviews and certifications across teams.
Microsoft is not alone in recognizing that identity becomes the effective perimeter in any zero trust architecture. In 2023, we’ve seen a steady drumbeat of announcements about new investments in identity-based security solutions as security professionals refocus on identity as the new perimeter. We expect this trend to continue and welcome the increased attention to the identity perimeter.
To learn more about how Veza can help you tackle the increasing demands of managing authorization across all your apps and data, schedule a demo today.