We’ve been discussing and deploying a few Azure technologies with our clients over the last few years as the ‘cloud’, specifically Microsoft Azure, slowly pushes itself into every organisation’s infrastructure. As more and more services are offered by Azure and implemented by larger enterprises, one common question keeps coming up: how does Azure manage the same user accounts or identities across the many services it offers?
Well, the answer is quite simple. It’s done by the same Active Directory we are all familiar with, only in the cloud, under the apt name Microsoft Azure Active Directory (Azure AD).
Is it the same as on-premises Active Directory? Well, yes and no. Azure AD builds on all the usual functions offered by normal Active Directory and provides additional benefits unique to Azure services to increase security, improve identity manageability and, most of all, make life simple for end-users.
For example, one of its core benefits is the single sign-on feature, which allows a single identity’s set of credentials to access the many Software-as-a-Service applications offered by Azure. After all, we all know how difficult it can be to remember multiple sets of credentials for different applications, right?
What about security? Well, having a single identity per end-user means manageability of that identity becomes much easier. For starters, you can force multi-factor authentication as per your company’s security guidelines, as well as provide or restrict access to various applications and Azure features. All of this, however, is just the tip of the iceberg, as there is so much more you can do in Azure AD, from device registration to auditing and alerts. The general idea is to give you as much control over an identity as possible, which can in turn secure cloud-based applications, streamline IT processes, assist in cost-cutting plans and generally allow you to comply with corporate goals.
So how do you begin using Azure AD? Well, you may already be doing so. If you use Office 365, an Azure application or Dynamics CRM Online, then all the user identities you have created thus far will be stored in an Azure AD tenant behind the scenes and can be accessed in the classic Azure management portal with the right Azure subscription. In addition, to make matters even simpler, you can synchronise your existing on-premises Active Directory user accounts to Azure AD, eliminating the need to create separate identities for each end-user in the cloud.
Therefore, it is easy to see why Azure AD is a great Azure service that provides a simple platform to manage complex requirements, and as such it will only continue to grow as a key presence, especially in larger enterprises, as the cloud continues to take more of a centre stage in the years to come.