2. How to implement the Identity Governance in Azure Tenant, what is the approach and strategy for doing this?

Mahesh Babu Sadhanagiri 0 Reputation points

Help me with some detailed answers in a simple understandable way with some examples and use cases

Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.

1 answer

  1. Shweta Mathur 29,341 Reputation points Microsoft Employee

    Hi @Mahesh Babu Sadhanagiri ,

    Thanks for reaching out.

    Identity Governance in Azure is a policy-based centralized orchestration of user identity management and access control. It ensures that the right people have the right access to the right resources, at the right time.

    Along with the basic functionalities of Identity Governance provided in the Entra ID P2 license, we now have the Microsoft Entra ID Governance license, which provides an advanced set of identity governance capabilities.

    To implement Microsoft Entra ID Governance, you should have a license, depending on the features you want to use.

    1. Assess your current Microsoft Entra ID governance posture: Before implementing Identity Governance, it is important to assess your current Microsoft Entra ID governance posture, which can be easily done using the Identity Governance dashboard. This will help you identify gaps and areas of improvement. You can use Entra reports and monitoring to get insights into your identity governance posture.
    2. Define your Microsoft Entra ID governance policies: Once you have assessed your current posture, you can define your identity governance policies. These policies should align with your organization's security and compliance requirements. You can use the Microsoft recommended baseline policies as a starting point, like:

       - Which users should have access to which resources?
       - What are those users doing with that access?
       - Is there effective organizational control for managing access?
       - Can auditors verify that the controls are working?

    3. Configure Entra for Microsoft Entra ID governance: After defining your policies, you can configure Microsoft Entra for identity governance. This includes configuring entitlement management, access reviews, privileged identity management, and terms of use. You can use the Entra portal to configure these features.
    4. Automate Microsoft Entra ID governance tasks: To simplify identity governance tasks, you can automate common identity governance scenarios. This includes automating user provisioning, group membership updates, license assignments, and access package assignments. You can use Entra ID app provisioning and dynamic groups to automate these tasks.
    5. Monitor and review Microsoft Entra ID governance: Once you have implemented identity governance, it is important to monitor and review it regularly. This will help you identify any issues or areas of improvement. You can use Microsoft Entra reports and monitoring to monitor your identity governance posture.

    Reference - https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/make-azure-ad-identity-governance-work-for-you/ba-p/2810643

    Hope this will help.



    Please remember to "Accept Answer" if the answer helped you.

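As an added illustration of the "configure access reviews" step in the answer above (not part of the original answer or Microsoft's own sample): a recurring access review created through Microsoft Graph PowerShell instead of the portal. The group ID is a placeholder, and the display name, start date, 14-day duration and deny-on-no-response settings are assumptions chosen for illustration.

```powershell
# Added example. Requires the Microsoft.Graph.Identity.Governance module and
# an account allowed to consent to AccessReview.ReadWrite.All.
Connect-MgGraph -Scopes "AccessReview.ReadWrite.All"

# Placeholder: object ID of the group whose membership should be recertified.
$groupId = "00000000-0000-0000-0000-000000000000"

$definition = @{
    displayName             = "Quarterly membership review (example)"
    descriptionForAdmins    = "Recertify who still needs membership of this group."
    descriptionForReviewers = "Approve only members who still need this access."
    # Who is reviewed: every direct and nested member of the group.
    scope = @{
        "@odata.type" = "#microsoft.graph.accessReviewQueryScope"
        query         = "/groups/$groupId/transitiveMembers"
        queryType     = "MicrosoftGraph"
    }
    # Who decides: the owners of the group.
    reviewers = @(
        @{ query = "/groups/$groupId/owners"; queryType = "MicrosoftGraph" }
    )
    settings = @{
        mailNotificationsEnabled        = $true
        reminderNotificationsEnabled    = $true
        justificationRequiredOnApproval = $true   # leaves a reason for auditors
        recommendationsEnabled          = $true
        instanceDurationInDays          = 14
        # If a reviewer does not respond, access is removed instead of kept.
        defaultDecisionEnabled          = $true
        defaultDecision                 = "Deny"
        autoApplyDecisionsEnabled       = $true
        # Repeat every three months with no end date (start date is assumed).
        recurrence = @{
            pattern = @{ type = "absoluteMonthly"; interval = 3 }
            range   = @{ type = "noEnd"; startDate = "2025-01-01" }
        }
    }
}

$review = New-MgIdentityGovernanceAccessReviewDefinition -BodyParameter $definition
$review | Select-Object Id, DisplayName, Status
```

A deny default with auto-apply removes members whose owners do not respond, so confirm that the group has active owners before enabling it.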