Azure Active Directory is a cloud-based identity and access management service that covers a broad range of authentication scenarios, user types, and developer authentication abilities. Its single sign-on makes for a seamless end-user experience, while its multi-factor authentication protects end-users from cyberattacks. This simple yet comprehensive security-centric identity solution, built on industry leading technology, runs the gamut from onboarding to offboarding. The open and interoperable ecosystem integrates with any technology or service that follows the same standards and protocols, so that it compliments other existing investments and maximizes overall return on investment.
The first step with any identity and access management solution is to connect directories and import users. Azure AD natively integrates with cloud HR systems and supports bulk import functionality, empowering administrators to import only the domain services and organizational units they want. The provisioning process paves the way for authentication, ensuring that individuals are who they claim to be. Azure AD uses continuously evolving algorithms and global threat intelligence to build a profile for each end-user. The machine learning engine then leverages dynamic learning to understand a baseline of sign-in properties and behaviors so that the system recognizes and flags only anomalous activity. Conditional access rules heighten security by targeting specific user groups, directory roles, locations, and more. These rules also offer real-time, automated mitigations of high-risk users and logins. Azure AD supports several user- and device-level authentication methods, including behavioral biometrics, multi-factor authentication, single sign-on, password-less, and more.
Once administrators have configured authentication methods and policies to suit their tastes, they can then create governance rules that allow individuals to access all necessary resources. The Azure AD solution works to afford end-users the least amount of privileged access possible without hindering their job duties. Streamlining access management duties in this way allows administrators to do more with less effort. Azure AD also features self-service management which delegates to end-users many IT department functionalities, such as credential recovery and password resets, alleviating many tedious tasks for overwhelmed IT staff members. This platform even supports customer identity and access management so that subscribers can safely share their resources with partner companies.
Overall, Azure AD is a popular end-to-end identity and access management solution that strongly focuses on security. It provides risk-based conditional access, user behavior analytics, identity protection, and real-time risk mitigation. Azure AD is the logical identity and access management choice for those already familiar with Azure. Those who are not familiar with the Azure portal should know it has a sharp learning curve, due to the large number of options it offers. We needed to reference the provided documentation frequently ourselves. However, both the documentation and search functionality are effective. There is no shortage of online forums to help troubleshoot Azure AD.
Pricing for Azure AD Premium P1 starts at $6 per month, per user. Pricing for Azure Premium P2 starts at $9 per month, per user. These prices include 24/7 billing and subscription support. Additional levels of technical support are available, including phone, email, and website support, and access to a knowledgebase and FAQ list. The community forum is well-organized and contains many support documents.
Tested by Tom Weil