Overall Satisfaction with Microsoft Azure Active Directory
We use M365 within our school district, and as such, Microsoft Azure Active Directory is our cloud identity provider for all our user accounts (faculty, staff, and students). Ultimately, we are a hybrid Microsoft Azure Active Directory environment, with an on-prem Active Directory that syncs to local objects to Azure. This synchronization helps address the need for cloud-based access to resources that would otherwise be unavailable if we were solely working from an on-prem Microsoft Azure Active Directory environment. We have considered moving all our users and devices to being 100% cloud based; however, the current Microsoft Azure Active Directory infrastructure we are a part of (multi-domain forest) is not currently suited to support that transition at this time.
- Conditional Access -- this is one of the biggest tools that any admin needs when it comes to securing when, where, and how users are accessing information. Especially if the information contains sensitive data types.
- Multi-factor Authentication -- we have all our employees configured for MFA. This is incredibly easy to configure with Azure, as well as defining when MFA should be used through Conditional Access.
- Audit Logs -- being able to track and identify a user's activity is pretty critical, especially when in incident response mode.
- Complexity --Microsoft Azure Active Directory isn't exactly for the faint of heart.
- Management -- some bulk management tasks need to be run through PowerShell...if you don't know PowerShell (and you should) then this could be problematic.
- Needs assessment -- the licensing structure for Azure AD might be difficult to understand given the breadth of features available. For example, Azure Active Directory P1 will differ from Azure Active Directory P2, but what does that mean and is it applicable to your organization? Is it necessary to have P2 over P1 to accomplish your business goals?
- It has helped improve our cybersecurity maturity/posture.
- We are better suited to protect the identities of all our users from bad actors.
- It is difficult for me to come up with how this has negatively impacted us...it has been largely beneficial in almost every respect.
Google Cloud was the only other main contender for us. However, it was a logical move given what we were already paying for in Microsoft licensing. Additionally, the feature set of Microsoft Azure Active Directory is simply more robust than what is offered from a Google perspective. Don't get me wrong... Google offers some good products, but when you look at what the different providers can do? Microsoft has a higher ceiling cap in terms of what it can offer (albeit, it also requires a higher skillset).
Do you think Microsoft Entra ID delivers good value for the price?
Yes
Are you happy with Microsoft Entra ID's feature set?
Yes
Did Microsoft Entra ID live up to sales and marketing promises?
Yes
Did implementation of Microsoft Entra ID go as expected?
Yes
Would you buy Microsoft Entra ID again?
Yes