Azure Active Directory

The Challenges

•  IT Admins need to manage and control IT tasks like user password resets, user group management, and application resets. 
• Employees and business partners bring their own personal devices to work and need access to software applications. 
• Application Developers need a world-class identity management solution used by organizations around the world. 

What is Azure Active Directory?

Azure Active Directory (Azure AD) is Microsoft’s multi-tenant, cloud-based directory and identity management service. It combines core directory services, advanced identity governance, and application access management.

Azure AD also offers a rich, standards-based platform that enables developers to deliver access control to their applications, based on centralized policy and rules.

Components
Azure AD includes a full suite of identity management capabilities including

• multi-factor authentication, device registration,
• self-service password management,
• self-service group management,
• privileged account management,
• role based access control,
• application usage monitoring,
• rich auditing and
• security monitoring and alerting.

These capabilities can help secure cloud-based applications, streamline IT processes, cut costs and help ensure that corporate compliance goals are met.

Hybrid Identity solutions
Azure AD can be integrated with an existing Windows Server Active Directory, creating hybrid identity solutions that enable you to synchronize on-premises directory objects with Azure AD while still managing your users on-premises.  This gives organizations the ability to leverage their existing on-premises identity investments to manage access to cloud based SaaS applications.

Azure AD tiers
All Microsoft Online business services rely on Azure Active Directory (Azure AD) for sign-in and other identity needs. By default, these services have access to the Free features of Azure AD.

To enhance your Azure Active Directory, you can add paid capabilities using the Azure Active Directory Basic, Premium P1, and Premium P2 editions.

Azure AD Business to Consumer (B2C)
Active Directory B2C is the identity and access management solution for your consumer-facing applications. Azure AD B2C enables your application to authenticate:

• Social Accounts (such as Facebook, Google, LinkedIn, and more)
• Enterprise Accounts (using open standard protocols, OpenID Connect or SAML)
• Local Accounts (email address and password, or username and password)

Azure Multi-Factor Authentication (MFA)
This is Microsoft’s two-step verification solution. Azure MFA helps safeguard access to data and applications while meeting user demand for a simple sign-in process. It delivers strong authentication via a range of verification methods, such as

• phone call,
• text message, or
• mobile app verification.

What’s the difference between Windows Active Directory and Azure Active Directory?

Azure Active Directory and Windows Active Directory do have distinct features. Azure AD is a cloud-based suite of identity management tools. Windows Active Directory is a much larger suite of tools and is either hosted on-premises or in Azure within a virtual network.

How can B2B help?

At B2B, our consultants can

• Work with clients to design a hybrid identity solution that best fits the business and technology needs for your organization.
• Design, Install, and configure components needed for migration to cloud
• Configure Microsoft Identity Manager to manage multiple identity providers
• Create and configure cloud-based Azure Active Directory infrastructure
• Integrate identity management into on-premise and cloud-based applications

As more and more company digital resources live outside the corporate network, in the cloud and on devices, a great cloud-based identity and access management solution is becoming a necessity. Cloud-based identities are now the best way to maintain control over, and visibility into, how and when users access corporate applications and data.

Microsoft not only provides an identity that takes you everywhere, but also a set of tools to automate, help secure, and manage IT within your organization.