Demystifying Azure AD Identity and Access Management (AAD IAM)

Azure AD identity and access management enables deep security, productivity, and management across devices, data, apps, and infrastructure. It is an integral component of Office 365, Azure, and Enterprise Mobility + Security. Azure AD manages user identities and creates intelligence-driven access policies to secure your resources in the cloud, on mobile, and on-premises. It also helps you establish layered security with Conditional Access and Multi-Factor Authentication.

Key Features: 

Application management
Authentication
Conditional access
Device Management
Business-to-Business (B2B)
Business-to-Customer (B2C)
Azure Active Directory for developers
Domain services
Enterprise users
Hybrid identity
Identity governance
Identity protection
Managed identities for Azure resources
Privileged identity management (PIM)
Reports and monitoring
Multi-Factor authentication

Azure AD Editions: 

Azure Active Directory comes in four editions: Free, Basic, Premium P1, and Premium P2. By subscribing to any Microsoft Online business service, such as Office 365 or Azure, you automatically get Azure AD with access to all the free features.

Free
Provides user and group management, on-premises directory synchronization, basic reports, and single sign-on across Azure, Office 365, and many popular SaaS apps.

Basic
Free Features + Provides cloud-centric app access, group-based access management, self-service password reset for cloud apps, and Azure AD Application Proxy, which lets you publish on-premises web apps using Azure AD.

Premium P1
Free & Basic Features + Lets hybrid users access both on-premises and cloud resources. It also supports advanced administration, such as dynamic groups, self-service group management, Microsoft Identity Manager (an on-premises identity and access management suite), and cloud write-back capabilities, which allow self-service password reset for your on-premises users.

Premium P2
Free, Basic & P1 Features + P2 offers Azure Active Directory Identity Protection to help provide risk-based conditional access to your apps and critical company data and Privileged Identity Management to help discover, restrict, and monitor administrators and their access to resources and to provide just-in-time access when needed.

Use Cases

  • Provide your employees secure and easy access to every application from any location and any device. 
  • Quickly deploy applications to devices, do more with less and automate Join/Move/Leave processes.
  • Provide app access to your customers and partners from everywhere and collaborate seamlessly using B2B & B2C.
  • Protect access to your resources from advanced threats.
  • Azure AD integration with Identity Governance vendors
  • Access Reviews and Privileged Identity Management 
