• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • About Us
    SEARCH
IT Infrastructure, Network Security, News

These are Microsoft’s 5 Identity Priorities in 2023

Microsoft outlines its five identity security priorities for the new year, with Entra tools as the key solution.

January 10, 2023 Zachary Comeau Leave a Comment

Microsoft Dynamics 365 Copilot
Dvoevnore /stock.adobe,com

With cybercriminals hellbent on stealing passwords and compromising credentials, identity has become the new cybersecurity battleground, with Microsoft reporting more than 111 million password attacks a day.

The Redmond, Wash. tech giant’s analysis of identity attacks doesn’t stop there, as the company says password breach replay attacks grew to 5.8 billion per month in 2022, while phishing attacks rose to 31 million per month. Password spray attacks, meanwhile, continued to climb to 5 million per month.

Since 2018, those four attack methods have drastically increased, with password spray attacks alone skyrocketing 1,329%, according to Microsoft’s internal logs.

The company used that information in a blog post about five new identity priorities for the new year, which include using a “Defense in Depth” approach, modernizing identity security; configuring identity and network access solutions to work together; simplifying and automating identity governance; and verifying remote users more efficiently and securely.

Defense in depth

According to the blog from Joy Chik, Microsoft’s president of identity and network access, organizations should use a “defense in depth” approach that requires more than just protecting user accounts and includes protecting every layer of the identity ecosystem.

A defense in depth approach includes security posture management, real-time protection and remediation with identity and identity threat detection and investigation.

The first step towards a defense in depth approach is turning on multifactor authentication (MFA), which is included in Azure AD and Microsoft Entra, Microsoft’s identity security solution. According to Chik, 99.9% of compromised accounts didn’t use MFA. Other steps include using phishing-resistant multifactor authentication methods such as Windows Hello, FIDO 2 security keys, passkeys and certificate-based authentication. Also recommended is blocking legacy authentication protocols.

Modernize identity security

Rather than sticking with familiar legacy technologies, organizations should migrate to new cloud-native identity solutions that are better able to respond to modern threats and rapid changes to products, services and business processes.

To start, Chik recommends migrating off of Active Directory Federation Services (AD FS) to simplify environments and retire on-premises servers. Then, connect pre-integrated applications to Azure AD to gain advantages like single sign-on. Lastly, inventory the security environment and consolidate redundant tools to reduce management burden and apply subscription savings to other areas.

Configure identity and network access solutions to work together

Microsoft and Chik also urges organizations to integrate tools that have historically operated in silos, such as network access solutions and identity solutions.

“Applying a Zero Trust approach means explicitly verifying every access request using every available signal,” Chik writes. “You can get the most detailed picture of session risk by combining everything the network access solution knows about the network and device with everything the identity solution knows about the user session.”

Simplify and automate identity governance

To protect against both external and internal threats, Chick says organizations should keep tabs on who has access to what to help reduce internal risk. Pitching Microsoft Entra Identity Governance, Chick says the solution can help organizations comply with regulations and increase productivity through real-time, self-service and workflow-based entitlements.

“It extends capabilities already available in Azure AD by adding Lifecycle Workflows, separation of duties, and cloud provisioning to on-premises apps,” Chik writes. “Because it’s cloud-delivered, Microsoft Entra Identity Governance scales to complex cloud and hybrid environments, unlike traditional on-premises identity governance point solutions.”

More efficient verification of remote users

Lastly, Chik says advancements in identity solutions can help organizations save time and resources when verifying documents to prove the identity of someone applying for a job, loan, citizenship and more.

Manually collecting and storing that information creates more risk for the organization and its customers, she says, pitching Microsoft Entra Verified ID as a solution.

“Verifiable credentials introduce the concept of a per-claim trust authority. The trust authority populates a credential with a claim about you that you can store digitally,” Chik writes. “For example, a loan officer can confirm your current employment by requesting digital credentials issued by your employer and verifying them in real time.”

Read Microsoft’s blog to learn more about Microsoft Entra and the company’s other identity solutions.

Tagged With: Entra, Identity Management, Microsoft

Related Content:

  • Rendering of Nureva HDL310 in a conference space. Nureva Adds HDL310 Sound Bar for Mid-Size Spaces
  • Microsoft Security Copilot Microsoft Brings Generative AI to Defenders with Security…
  • Crestron AirMedia Adapter plugged into laptop Crestron Unveils AirMedia Connect Adaptor
  • Cisco Webex AI Cisco is Bringing More AI-Powered Hybrid Work Features…

Free downloadable guide you may like:

  • Four IT Trends That Will Define 2023Expert Series: Four IT Trends That Will Define 2023

    Learn about four key technologies we identified as critical to your IT organization’s success in 2023, as well as how to invest in new innovations emerging from each.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Four IT Trends That Will Define 2023
Expert Series: Four IT Trends That Will Define 2023

Learn about four key technologies we identified as critical to your IT organization’s success in 2023, as well as how to invest in new innovations ...

Harnessing the Power of Digital Signage
Harnessing the Power of Digital Signage

Choosing the best solutions for messaging, branding, and communicating in today’s content-everywhere landscape

Blueprint Series Cover: What works for hybrid work
Blueprint Series: What Works for Hybrid Work

Download this free resource to learn about how IT leaders can effectively manage and implement a hybrid work model.

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions & Advertising
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSTERMS OF USEPRIVACY POLICY

© 2023 Emerald X, LLC. All rights reserved.