Secure Identity Access with Azure AD

Azure Active Directory, a service for identity and access management for Microsoft’s cloud-based services, is an application used for user and identity management and authorization for all services and applications in IaaS, PaaS, and SaaS structures serving in the Microsoft Azure cloud.

IaaS (Infrastructure as a Service): A type of service that primarily offers storage and network resources to organizations. Each product is offered as a separate service and is billed according to its usage.

PaaS (Platform as a Service): A cloud system entirely aimed at development and deployment, assisting in distributing all cloud-based applications you can think of. Like the IaaS service, it operates on a pay-as-you-go basis.

SaaS (Software as a Service): This service enables users to connect to and use web-based applications over the web. Examples include Teams, Outlook, Calendar (Microsoft Office 365). This application is accessed over the web and, like the other two services, is also pay-as-you-go.

Secure Identity Access with Azure AD 1
Secure Identity Access with Azure AD 3
Secure Identity Access with Azure AD 5
Strategy Advantages Disadvantages
Cloud identity May be easier to manage for small organizations. Extra effort to create cloud identities.
Nothing to set up within the company. Users need to log in to access cloud workloads.
No additional hardware needed. Passwords may or may not be the same for cloud and on-premises identities.
Users can be easily disabled if they leave the company. Extra effort required to transition cloud identities to synchronized identities
Synchronized identity On-premises password authenticates both on-premises and in the cloud. Some customers may be reluctant to synchronize their directories with the cloud due to certain company policies.
May be easier to manage for small, medium, or large organizations.
Users may have Single Sign-On (SSO) for some resources.
Preferred method of synchronization by Microsoft
Easier to manage.
Federated identity Users may have Single Sign-On (SSO). More steps for setup and configuration.
Account can be immediately disabled and access revoked if a user is terminated or leaves. Higher setup and maintenance costs.
Supports advanced scenarios not possible with synchronization. Requires additional hardware.
Comprehensive setup required for SSO.
Critical failure point if federation server is down, users
What Is Microsoft 365? 7
Previous Post

What Is Microsoft 365?

Next Post

Aeris Sustainability Certification

Aeris Sustainability Certification 9
With solutions services technologies that make a difference

Take Your Business into the Future