Microsoft Entra ID (formerly Microsoft Azure Active Directory or Azure AD) is a cloud-based identity and access management (IAM) solution supporting restricted access to applications with Azure Multi-Factor Authentication (MFA) built-in, single sign-on (SSO), B2B collaboration controls, self-service password, and integration with Microsoft productivity and cloud storage (Office 365, OneDrive, etc) as well as 3rd party services.
$6
per user/per month
Varonis Data Security Platform
Score 8.8 out of 10
N/A
Varonis offers their Data Security Platform, a modular suite of data acess and data security products providing sensitive data discovery, data access governance, unusual behavior detection, GDPR compliance support, as well as incident playbooks and cybersecurity forensic reporting.
Varonis does a much better job presenting the entire picture. It can show an account being used, then elevated and then what actions were done with that account on a file system. ADaudit didn't have all of this information available with the modules we tested.
Features
Microsoft Entra ID
Varonis Data Security Platform
Identity Management
Comparison of Identity Management features of Product A and Product B
That one is tough. It's just easy to integrate the sign-on portion with other products from other companies. Like BluePoint or Podint. It's very easy to integrate the user information with others. Using Android ID to register an application with other companies' applications.
The most highlighted feature of Varonis Data Security Platform is the data analyzing mechanism. It analyzes your data all the time with some special algorithms to detect any unusual activities so that it can identify any unusual behavior or users and take necessary action to save your sensitive data. They also offer a complete dashboard solution for their customers to control across different data stores, see their current state, and any security breaches to be addressed manually.
The first thing is that it's a really good platform to make a whole inventory of your hardware and software that you already have in the organization. It's very simple. It's very easy to look at what you have in the whole organization. And after that, start applying, for instance, some policies, some solutions in terms of zero trust access using MFA as a second form of authentication. So, these are the ways we use the MTIV platform.
Varonis logging is very robust and captures all audit events being sent from the file servers.
The ability to report and alert on Active Directory account events works very well with file activity monitoring. It can show the complete picture of what an account did while being used.
Have a customizable dashboard is great for being able to show upper management information that only pertains to them.
There is one thing that we lost since we migrated from Active Directory and it is the user expiration date. If I have an external that I know will work for six months, I have to manually check or put some kind of reminder. I cannot set an expiration date in Microsoft Entra ID. I still don't know why.
MSFT Entra ID has been essential for managing our geographically dispersed team. We're confident that it will scale with us as grow, and we'll be able to take advantage of additional security and ID management features as they become necessary. Being able to centrally manage our user access from anywhere with a small support team is such a relief.
It's not complex. It works as configured, right? There's a lot of granular rules, and it'll get very specific if you need it to. But for many of our security capabilities, especially for mid-market enterprises, I think you can get all the capabilities you typically need with OnStar.
Because the tool delivers on its promises and forces us to explore each functionality. Using the tool leads us to seek more knowledge and apply it to our environment, mitigating risks, reducing the attack surface, increasing the team's technical knowledge, and boosting team growth. It also demonstrates to senior management that the tool is extremely necessary for the environment.
I have not needed to engage support for anything at this time. I have been able to find the answers either online or in a knowledgebase. I tried to skip the question but it would not let me, so I rated a 9 based on other interactions with Microsoft support I have had
Support has always been very responsive and addressed any issues we may have had in the past. Some local engineers are willing to come onsite or work over a web session to discuss creating a new rule set or look at some issues. Getting issues address has never been a problem. There was one feature we had trouble getting to function correctly, but support and local engineers were willing to work with us as much as needed to get it working correctly for our organization.
Make sure you use a good partner. Our implementation was a bit longer and more problematic than we expected. Our partner got it done, but, in my opinion, some of their inexperience and staffing issues were evident.
Microsoft Entra ID is not as stand-alone product as competitors like Okta. It may lack some of the features that competing products have but on the other hand it integrates both technically and license wise with other Microsoft cloud services and is easy to deploy. It is also the easiest way to extend identity management to the cloud if you already have Microsoft Active Directory in use.
Actually, we didn't expend much time evaluating other file auditing platforms. We chose Varonis just after a serious incident and we had already heard about Varonis at a Netapp event. So it was an easy choice. We called Varonis and asked them for a PoC, that's it. The PoC became a production and it is running until this day.
Microsoft Professional Services' technical knowledge is appreciable as consultants design the solution as per customer requirements. Mapping of features per user specifications and assisting Customer IT engineers to implement so they can manage and administer the services.
Definitely, I can consider this one a positive because, as I mentioned earlier, it's a tool that can help our internal ID team track end users' activities in their sign-in logs and a lot of other things, which is really good and helpful for us.
