Microsoft Entra ID Reviews

Digital Workplace

Cloud Infrastructure Administators

Microsoft Entra ID grows with the needs of our organization. When there's something new, we're usually ready to consider it. It's not too far ahead, but it's not missing major thigns we need either. It's sometimes even bringing ideas for our own identity provider, which creates pressure for our own identity provider to keep up with Microsoft Entra ID.

The main factors that led me to consider Microsoft Entra ID are that on Azure, it's unavoidable. There's no other way. That was an argument sometimes we had to use even internally when people asked why we were using it. The fact that we ended up expanding it to AWS as well for single sign-on was because it's this kind of industry standard that every single sign-on solution supports. We could use some features that were relatively unique to Microsoft Entra ID or in a way that we already had them configured for Azure, so we're getting them for free when we're just expanding the population. When we implemented access reviews, we have the same thing now for AWS as well. There were some things like that which we got almost for free because we had already invested in Azure.

The areas where Microsoft Entra ID could improve include the fact that it is a de facto standard but not a real standard, leading to strong vendor lock-in, which sometimes makes us avoid Microsoft Entra ID for certain purposes. That is number one. Second, I would say it is difficult for us to use it for end-user applications.

The B2C model is quite unworkable in our case. We have a lot of different ecosystems of customers, a big organization doing different things. The end user populations are not the same, and it's becoming really difficult and unwieldy to manage, I don't know how many tenants for a thousand applications. We really have a thousand applications, and I would say maybe fifty different ecosystems. That's why this is a part where we opt for our own identity provider instead of Microsoft Entra ID. Maybe some kind of redesign of B2C would be more interesting, but I don't know exactly how. I would need to go in a design session to know what to propose specifically.

What would make it a ten for me is that I don't know to the extent it's possible, but full infrastructure-as-code management. A little bit more openness and contribution to identity standards would be beneficial. I know that Microsoft Entra ID is doing a lot of things for which there's no equivalent standard, but it would be interesting to see at least the creation of standards or suggestion of standards for the industry to catch up. I understand it's not necessarily the most interesting thing for Microsoft, but it could reduce resistance in our organization.

Prior to adopting Microsoft Entra ID, I have not used another solution to address similar needs. Nothing really comparable.

I assess the stability and reliability of Microsoft Entra ID as having no problems with this. It's good.

I would evaluate Microsoft support for their products on a scale of one to ten, and I think it depends a bit on the product. On Azure, we had some misses sometimes where support was around the clock, and if we're not responding quickly, another person was picking up and we're starting the conversation again. We had a few cases like that, particularly for security products which are quite complicated. Other than that, we had a very good experience with the cloud solution architects and the designated engineers from there. We had a pretty good experience. It's just that sometimes it's difficult to find the right resource. Usually, they are specialized on one thing, and if you go a little bit beyond their domain, it might take some time until you find the right information.

We have not considered similar solutions before going with Microsoft Entra ID. We know that there are other organizations in our ecosystem that used Okta. Because we didn't have enough central support for this kind of solutions, we could not even consider going to yet another product and doing the procurement, the evaluation, the return on investment, and things like that. We went for something that was already available in our organisation.

I would describe my experience deploying Microsoft Entra ID as generally going well, other than the provisioning of the licenses. There were a few things that were a bit challenging. One thing that's a bit unclear to me to what extent it's still valid since I'm no longer in that team for less than a year, but the fact that some things in Microsoft Entra ID we have to roll out by PowerShell and not by Bicep. This creates a bifurcation in our code. There are things that we have to do in Bicep as we do everything else on Azure, and Microsoft Entra ID, which is a bit its own world where you have to do a few things by PowerShell. That was a thing, but it's manageable and not the end of the world.

It's always difficult to measure return on investment on Microsoft Entra ID since it's about security, which is a philosophical question. What I can say is that among all the cloud security costs we have, Microsoft Entra ID was among the lowest compared, for example, to endpoint protection and container logging and things. Nobody ever put these costs in question because they were low for the assurances we were feeling that we were getting for the management of identities in the cloud. We still have, of course, to be careful about when to use P1, when to use P2 and for which populations, but it didn't create a problem. Other security products where we actually ended up not rolling them out because of their cost.

On the digital workplace side, I was not directly involved. For the whole Microsoft 365, we got it as part of the license, which is fine. We have enough guest accounts, so I could not distinguish Microsoft Entra ID from Microsoft 365 on that side because they go together. On the Azure side, we didn't have any major problem. We had some procurement-related problems because we could not self-provision Microsoft Entra ID licenses the same way we could do it for other Azure resources. We still have to pass through a separate process just to get Microsoft Entra ID licenses, which is inflexible. For example, if I have a new team, I can give them an Azure account and it's really pay as you go. But to get them the licenses, fundamentally, I have to place an order at the beginning of the year, and it follows a completely different, much more old school procurement workflow. I don't know to the extent this is because of my organization or because of Microsoft. I think we kind of ended up mirroring each other because Microsoft has this license and Azure walls which behave very differently, and I think in our organization, we copied this and we ended up doing two different procurement processes for those two different worlds, and one is way more inflexible than the other.

My advice for someone who is considering Microsoft Entra ID is to start early with governance and not leave it for later, as we did. I would say follow the recommendations of Microsoft and not do things your own way because sometimes, if we are coming from another provider or from on-premises, we sometimes end up doing ineffective things. I think that's it, and don't improvise too much. My overall rating for this product is nine out of ten.

Public Cloud

Microsoft Azure

The main use cases for Microsoft Entra ID in this company involve granting permissions across different Databricks workspaces or Synapse, and leveraging the same identity across Power BI integration and semantic models.

What I find most valuable about Microsoft Entra ID is centralizing identity. I think that's the power of this. I don't need to worry too much about how to set up the groups. I just need to get access and assign it to the correct place. Centralizing everything and making it more transparent for me while leveraging these groups and users in my applications represents the best difference.

The impact of Microsoft Entra ID on security is that it grants permissions to those who need to see the information. I think that's the main goal of Microsoft Entra ID features.

I'm not sure how Microsoft Entra ID's integration capabilities have influenced my zero-trust model. This one is hard to answer.

Since having Microsoft Entra ID, I have not observed any changes in the frequency and nature of identity-related security incidents in my company.

So far, I've never heard about token theft and nation-state attacks issues since implementing Microsoft Entra ID, but I hope to keep it this way.

I don't see any area of improvement for Microsoft Entra ID for my usage. I think it's perfect for me.

I'm not aware if Microsoft Entra ID could be cheaper, but if it can be cheaper, it's a good way to keep customers linked to it.

Usually when people talk about Azure, they talk about cost. I think Microsoft Entra ID is not as expensive as AWS, but cost is usually the main concern.

I have been using Microsoft Entra ID for a couple of years. Every company that I worked with had the previous Active Directory, now Microsoft Entra ID, so I'm using it for at least ten years. Most of the companies work with Azure.

I have never had any problems with the stability and reliability of Microsoft Entra ID. During the demo today, there was a gap between Microsoft Entra ID and the sync. However, this was the first time that I observed something of this nature. Before it, I never saw any problem.

Regarding scalability, Microsoft Entra ID has been able to scale to the workloads that my company needs. So far, that's the least critical concern about scaling. I think it performs very well. The company is pretty big with a few thousand employees, and it works very well, considering not only the users but the application IDs and other elements.

I think the customer service and technical support for Microsoft Entra ID are great. Every time that I had to get in contact with them, the answers are fast and they are very helpful in trying to solve the problem.

Positive

My company did not consider other tools before choosing Microsoft Entra ID.

With my experience, the deployment process for Microsoft Entra ID is pretty straightforward. Using Azure CLI, it's quite simple to make the assignments and everything else. I don't provision users; I just consume what is ready. So it's quite simple for me.

I guess the biggest return on investment for Microsoft Entra ID is linked with security. Security definitely helps protect the company image from leaking and from issues. I think when we put this on the table, I don't know if the cost to buy something of this nature matters too much because the impact is much more significant.

While using Microsoft Entra ID, we are not considering something else.

I think AI is also connected with Microsoft Entra ID. It acts on behalf of someone. All the features that I'm seeing in the event are already making transparent how AI is connecting or using the data and the artifacts around the cloud that is on behalf of someone. I think that's a great feature.

The implementation of device-bound passkeys in Microsoft Authenticator is a step forward to make things more secure and harder for someone with second intentions to go through your architecture and platform. I think this was an implementation to keep things more secure in general, and it definitely did.

My advice for other companies considering Microsoft Entra ID is that if you want to simplify your identity management and focus on your core business, Microsoft Entra ID is a good option. I would rate this product a nine out of ten.

Public Cloud

Microsoft Azure

My main use cases for Microsoft Entra ID include Azure App Registrations and management of third-party integrations into our M365 tenant.The implementation of Microsoft Entra ID has been pivotal for our secure access to apps or resources in our environment. We use Microsoft Entra ID to grant access for all external apps that want to connect into some type of data source in Office 365, so it has been crucial to be able to set those up and manage those.Microsoft Entra ID's integration capabilities have been the foundation for our Zero Trust model because my team only sets up integration and Azure App Registrations based on a request and we review them. Nothing gets access to any data or anything in our tenant unless we review it and approve it and configure it in Microsoft Entra ID.

The features of Microsoft Entra ID that I value the most include the governance tools around OAuth, Azure App Registrations, and the security tools that enable us to set those up and monitor those.The features of Microsoft Entra ID have benefited my organization by allowing us complete control over what apps have access to what in Office 365 and for how long due to the Azure App Registration tools and process that Microsoft Entra ID offers us.

Microsoft Entra ID can be improved through better lifecycle management of the Azure App Registrations. If a token or a certificate is going to expire, it would be helpful to notify the app owner or the representative in our organization, saying that their certificate is getting ready to expire in two weeks, asking if this is still in use and if they still need this, and providing information on how to renew it if needed. Additional tools for governance and lifecycle management would be beneficial.To make it a ten, some of the governance and lifecycle management for app registrations that I mentioned would be beneficial. It would alleviate some of the time burden from my team to be able to automate the management of some of those aspects. Other than that, it is pretty solid.

I have been using Microsoft Entra ID for about ten years.

I assess the stability and reliability of Microsoft Entra ID as great.I have experienced some downtime, crashes, or performance issues, primarily the typical Office 365-wide outages that happen from time to time, but nothing beyond that.One of the outages I experienced was about a month ago where there were DNS issues with Microsoft, and all of Office 365 was inaccessible, along with the Microsoft Entra ID admin center.

Microsoft Entra ID scales well with the growing needs of my organization. As the organization has been growing with Azure App Registrations that I have been mentioning, we get more and more of those, and the tools are just there for us to use.We have expanded the usage of Microsoft Entra ID gradually over time as our organization has been getting bigger and there are more and more third-party apps that get brought on board, and it has been smooth.

I would rate customer service and technical support an eight on a scale from one to ten.I give an eight rating because for the most part, whenever we open up a ticket or need technical support, we get a good resource to help us quickly. However, every once in a while, you might get a resource that is not as well-versed in exactly what you are looking for help with. For my team, if we are opening up a ticket, we have already done a lot of basic troubleshooting.Overall, I would evaluate customer service and technical support as pretty good.

Positive

I have seen a return on investment with Microsoft Entra ID, as it makes my team, the engineering team for Office 365, have a much easier time in terms of managing third-party integrations and other apps that connect into Office 365.

I cannot speak to the setup cost of Microsoft Entra ID because it was before my time here. Licensing has been pretty pain-free. All of our users get the base E3 license, so the workload on that is pretty easy.

To other organizations considering Microsoft Entra ID, I definitely advise you to implement it, as it is crucial for my team and what we do in controlling access to certain resources in our tenant. I cannot imagine doing our job without it. I would rate this product a nine out of ten.

Hybrid Cloud

Other

My main use case for Microsoft Entra ID is for access control. I'm not entirely sure what I like the most about Microsoft Entra ID, but perhaps it's that everything is included in the same app compared to before. Mainly, we have SharePoint set up, so we use it to manage users' access, which is the main purpose.

SharePoint site access has mainly benefited my organization, and that's how we have Microsoft Entra ID set up. Because of the hybrid environment we have with Active Directory, that's why we have it configured for our users' access to folders and sites.

Microsoft Entra ID did help with our approach to phishing resistance, and we appreciate the Office 365 MFA protections. Since we have this hybrid environment set up, we find it more secure when accessing any Office 365 products such as Outlook, SharePoint, and OneDrive.

I think something can be improved, but it's working.

I have been using Microsoft Entra ID for about ten years.

I assess the stability and reliability as generally good, as we do have occasional downtime for SharePoint, but usually the service is restored within an hour or less, which is good. There is nothing major with downtime, and we are satisfied.

Microsoft Entra ID works well for scalability in my organization, as we have grown from 150 employees to 700 employees. There are some changes in licensing, with Microsoft offering cheaper licenses for employees under 300, and when you exceed that number, you move into another level and another layer of the licensing scheme. The transition is quite easy, and it gives you the flexibility to mix and match the licenses you want.

I recently used customer support, but it was not for our production environment; it was for our test environment. I contacted support and I am waiting for a phone call. We have experience contacting support, and they are good.

I have not personally contacted support a lot, but some of my team members contact them regularly, and they receive very good feedback from them. According to the comments I received, I would rate customer support around a seven or eight.

Positive

I did not consider another solution before; we are Microsoft customers, and it has been that way since day one.

The deployment of Microsoft Entra ID is easy once it's migrated to the cloud. The implementation of Microsoft Entra ID is required for SharePoint sites to provide user access, and that is one of the requirements, so that's why we had it set up.

I have seen a return on investment, as it's a great investment because our production environment has now migrated to the cloud, and we use SharePoint extensively. Microsoft Entra ID is what we use for access control, and it's a great investment.

I do not believe we pay anything extra for Microsoft Entra ID; it's a good deal. We have Office 365 licenses, and Microsoft Entra ID is included.

We have not just relied on Microsoft Entra ID for the security setup, as we do have other third-party software integrated with our system for protections and data protections.

Nothing right now has influenced my Zero Trust model with Microsoft Entra ID integration capability. My organization's approach to defending against token theft and nation-state attacks has not changed since implementing Microsoft Entra ID, as I have other security solutions in place, so we do not use Microsoft Entra ID for protections.

I am satisfied. I would rate this product an eight overall.

Hybrid Cloud

Microsoft Azure

Our main use cases for Microsoft Entra ID involve working with clients that use the Microsoft platform and their identity graph to identify who the users are and integrating our solution with Microsoft Entra ID to identify who that person is when we're registering credentials on a YubiKey.

Since implementing Microsoft Entra ID, we have not seen major changes, but we are working with Microsoft to examine metrics and build dashboards in Sentinel. We have plans to do that, and we have a pull from the customer perspective wanting to examine the data metrics. Our data metrics are specifically tied to the lifecycle management, onboarding, usage of authentication, enrollment, and recovery cycles. We just met with the team to work on this and determine how we can use agentic AI to share risk signals both from our metrics and for the Sentinel dashboard.

The features of Microsoft Entra ID benefit my organization by streamlining everything for the customers that use Entra or the whole Microsoft platform. When looking at the full solution and the value that it brings us in terms of visibility, especially when we're talking about agentic AI, the fact that you can use Microsoft Entra ID and all the other product ecosystems to work together to give you the best value and then act on that data is where the win is for us.

As a security company ourselves, we are moving towards a zero-trust model, and we find that partners aligned with Microsoft Entra ID support that, which is the baseline thought process of having a zero-trust environment.

We do have some tickets regarding Microsoft Entra ID, but we are working with the team to examine those improvements, especially with our product that we're a partner with Microsoft on. It is beneficial that there is an interaction where we can bring the customer in as well so that Microsoft can hear the voice of the customer and determine what needs to be improved, and it is a good partnership that works well for everyone.

Microsoft Entra ID has been a core cornerstone of our product, the YubiKey itself, and we have been engaged with it for about a year now from a product perspective.

I have not experienced any downtime, crashes, or performance issues with Microsoft Entra ID.

I would describe the stability and reliability of Microsoft Entra ID as positive.

Microsoft Entra ID scales with the growing needs of our organization without any issues, and from what we see from customers, it serves small, medium, and large-sized enterprise customers.

I would evaluate customer service and technical support highly as our interactions with the team have been great and always responsive. Once we are GA, I expect that support will be up to par as well.

Prior to adopting Microsoft Entra ID, our partners and customers had multiple solutions, as the bigger companies often rely on multiple IDPs and multiple solutions because of the platform, whether it is mobile or desktop. The offering is there and is probably above the other offerings in the market.

For our use case and working with Microsoft Entra ID, our integration timelines are comparable to everything else.

I would say from the customers, we have definitely seen a return on investment with Microsoft Entra ID. Having that full ecosystem compared with other IDPs and other ID solutions from competitors, we definitely see a visible two-to-one ratio for our customers in the pipeline.

When considering Microsoft Entra ID, it was one of the cornerstones, so we did not actually examine anything else. We chose to partner and support it because we do see many of our customers using Microsoft Entra ID and the Microsoft platform.

My organization's approach to defending against token theft and nation-state attacks has not changed since implementing Microsoft Entra ID.

The implementation of device-bound passkeys in Microsoft Authenticator has not changed our organization's approach to phishing-resistant authentication. Our product is non-device-bound passkeys, but we see air gaps in the market where you cannot have a device-bound passkey. We choose to complement what Microsoft has in place as well, but it has not changed anything from that perspective. It probably eases use for our customers, but we still see that there are use cases where they have air gaps and are using a mobile key.

The evaluation process regarding Microsoft Entra ID highlighted the workflows and everything being streamlined, especially with the authentication process. I do not see a specific feature of Microsoft Entra ID that stands out the most, but we are examining the whole ecosystem from a data perspective as well and looking at Sentinel, Data Lake, and those products. However, it is mainly the authentication space and the authentication workflow, so it is identifying that there is a passkey registered with Microsoft Entra ID.

As far as our support and working with Microsoft and all of our customers, we only support Azure. My overall rating for this product is eight out of ten.

Hybrid Cloud

Microsoft Azure

Microsoft Entra ID is used for hybrid synced users to Azure and for external users with guest accounts created in the directory. Security groups and all related functionality are utilized for user management.

Logging activities, including sign-in logs, password lockout, and security monitoring for compromised accounts, are valuable components of the implementation.

To prevent intrusions, as a government entity, Microsoft Entra ID is used to determine if someone is attempting to brute force an account and to understand the origin of the access attempt and whether it represents an actual threat.

Logging, sign-in logs, password lockout, and security features for compromised accounts are the most valuable aspects of Microsoft Entra ID.

To prevent intrusions, the ability to determine if someone is attempting to brute force an account and to understand where the access attempt is originating from and whether it represents an actual threat is critical.

Microsoft Entra ID has had a very positive impact because access can be controlled both internally and externally to the environment and applications used by the organization. Many app registrations function through Microsoft Entra ID to allow internal and external users to access applications.

There has been a return on investment in Microsoft Entra ID because of the security capabilities that enable both internal and external access management.

Microsoft Entra ID could benefit from improved structure and organization. Currently, internal and external users are grouped together, and filters must be applied to differentiate between them. Having separate areas for internal and external users would be beneficial since they should be treated differently.

Growth opportunities exist in separating certain elements for improved viewability.

Microsoft Entra ID has been in use for approximately eight years.

The primary issue experienced with Microsoft Entra ID is Azure sync performance. Over the past year, syncs have occasionally taken longer than expected to complete between on-premises and cloud environments. While syncs should typically complete within 30 to 60 minutes, there have been instances where syncing has taken hours. These issues have been reported to Microsoft, and while they address the problems, they do not typically share details about the fixes applied.

Microsoft Entra ID has been expanded through the creation of security groups specifically in the cloud rather than on-premises. The organization is moving forward with all groups being created in Azure and Microsoft Entra ID. User accounts will continue to be created on-premises, but security groups and dynamic groups will all be created in Azure and Microsoft Entra ID.

Support for Microsoft Entra ID is evaluated as generally good, with few problems encountered. On a global scale, however, support has not been consistently reliable.

Positive

There has been a return on investment in Microsoft Entra ID because of the security capabilities that enable both internal and external access management.

The primary benefit observed from Microsoft Entra ID is the ability to identify and respond to suspicious account activity. Most frequently, locked accounts have been investigated and flagged accounts have been flagged for suspicion or high risk, particularly guest accounts invited to the tenant. This allows the organization to communicate with affected users and recommend actions such as password resets. This capability is especially valuable because the organization regularly interacts with the public.

Zero-trust model implementation has not been influenced by Microsoft Entra ID, as this reviewer was not involved in that initiative.

The organization's approach to defending against token theft and nation-state attacks has not changed since implementing Microsoft Entra ID.

No competitive solutions have been evaluated or considered, as the organization is satisfied with Microsoft Entra ID. This review is rated as an 8 out of 10.

Hybrid Cloud

Microsoft Azure

Microsoft Entra ID serves as the main use case for everything, supporting M365 and all related services, with Entra ID being a key component for everything.

The features for users, groups, and management are what I appreciate most about Microsoft Entra ID.

Single sign-on (SSO) is an example of how the features of Microsoft Entra ID have benefited my organization. We use Entra to access our laptops and applications, and single sign-on helps ensure business resiliency so that if our domains are compromised, we can still access Microsoft M365 and other services.

Microsoft Entra ID's integration capabilities influence our zero trust model significantly, as we use a lot of conditional access through Entra to support that part.

Since implementing Microsoft Entra ID, I have observed that it would be beneficial to have more analytics and everything integrated there, as opposed to how we normally do searches. Co-pilot might play a big role in getting more data much quicker from Entra.

I think more analytics would be beneficial in the next release to improve Microsoft Entra ID.

I want Microsoft to improve dynamic group creation and the logic behind them. Another area needing improvement is dynamic groups, where you cannot utilize many of the custom attributes in the dynamic groups, which are very limited.

I have been using Microsoft Entra ID for ten to fifteen years.

I would assess the stability and reliability of Microsoft Entra ID as acceptable; we have issues sometimes, but overall, it is satisfactory.

I have experienced downtime, crashes, or performance issues on occasion.

Microsoft Entra ID scales well with the growing needs of the organization, and I find it good overall.

I have expanded usage of Microsoft Entra ID.

The process of expanding usage was quite smooth.

I would rate my customer service and technical support as six out of ten, noting that level two support is really poor while everything else above that is good.

Neutral

Prior to adopting Microsoft Entra ID, I was using an on-premises Active Directory solution to address similar needs.

I would describe my experience with deploying Microsoft Entra ID as good overall.

The process worked well, and I faced no significant challenges. However, we had some initial mapping issues when trying to perform synchronization services from on-premises AD to local AD to Entra, and there is still a limitation on the number of mappings you could do from there.

My experience with the deployment was good, though initially, the biggest challenge was mapping the fields from on-premises to cloud and making sure you have all those requirements for the application. Once we got the initial part done, it is quite good.

I have seen a return on investment with Microsoft Entra ID.

My experience with the pricing, setup costs, and licensing of Microsoft Entra ID is that it is part of our base, and there is no additional cost.

Before selecting Microsoft Entra ID, I did not consider any other solutions as we are in the Microsoft Azure ecosystem and do not have any other choice.

My organization's approach to defending against token theft of nation-state attacks has not changed since implementing Microsoft Entra ID.

The implementation of device-bound passkeys in Microsoft Authenticator has affected my organization's approach to phishing resistance in that we do not use that directly. We use a third-party system to do that, which is primarily Okta. However, I have tested FastPass and enabled it for mine, so it is definitely helping with security and ensuring that all authentication is secure, though we do have a pilot and do not use it for the majority.

The factors that led me to consider a change to Microsoft Entra ID included scalability, cost, and being cloud-native.

I can share metrics or data points that demonstrate the impact of our integrations.

I can share data points or examples, as it is the AD. Without that, nothing will work. Without Entra, it is the key one for that, meaning it is the base fundamental thing you need in order to do anything.

My advice to another organization considering using Microsoft Entra ID is to look at the initial implementation, which will take time, so ensure you plan regarding what you need. For us, that was mapping, how authentication would change, what applications you are migrating to the cloud, and how you are going to map those things. Good planning before implementing would be beneficial. I rate this review seven out of ten.

Hybrid Cloud

Amazon Web Services (AWS)

Microsoft Entra ID serves as our primary identity and access management solution, helping us manage user identities, secure access to applications, and enforce strong authentication policies across our organization.

Our main use case for Microsoft Entra ID is centralized identity management, Single Sign-On (SSO), and Multi-Factor Authentication (MFA), allowing users to securely access multiple applications with one set of credentials while maintaining strong security controls.

Some of the best features Microsoft Entra ID offers include Conditional Access policies, Multi-Factor Authentication, seamless integration with Microsoft services, and strong support of the zero-trust security model.

Conditional Access policies in Microsoft Entra ID have helped our team by allowing us to enforce security controls based on specific conditions, such as user identity, device compliance, location, and risk level, ensuring access is granted only when predefined security conditions are met.

The Conditional Access policies have had a strong positive impact on our organization's security and user management by significantly reducing the risk of unauthorized access through strict authentication rules based on user behavior, device compliance, and location.

After implementing Conditional Access policies in Microsoft Entra ID, we observed significant improvements in our security metrics, with unauthorized access attempts reduced by approximately 60 to 80% due to strict policy enforcement, MFA adoption rate increasing to nearly 100% for critical applications, and the ability to automatically block or challenge a higher number of risky sign-ins detected by the system while also seeing a significant decrease in security incidents related to identity compromise after implementation.

While Microsoft Entra ID is a strong and reliable solution, there are a few areas where improvement can enhance the overall experience, such as simplifying policy management and security policies, which can be complex for new users. A more simplified and guided interface would improve usability, troubleshooting, and visibility.

Logging failures or policy conflicts can sometimes be challenging due to the need for more detailed and user-friendly log insights to help administrators resolve issues faster. Improvements in advanced reporting and customizable dashboards could provide better visibility into security events and user activity.

The user onboarding experience, especially in a complex or hybrid environment, could be improved, as the onboarding process for new users can sometimes be time-consuming, particularly when integrating with on-premises Active Directory or multiple third-party applications. Automation can be enhanced further to simplify user provisioning, role assignment, and access configurations, and a more guided and intuitive onboarding workflow would help administrators reduce configuration errors and speed up deployment.

I have been working in my current field for five years.

Microsoft Entra ID is a highly stable and reliable identity platform designed to support enterprise-scale environments.

Microsoft Entra ID offers strong integration capabilities with both cloud and on-premises applications, making it a flexible identity solution for the modern enterprise, integrating seamlessly with Microsoft services like Microsoft 365, Azure, and other Microsoft platforms, while also supporting integration with thousands of third-party applications such as Salesforce, ServiceNow, and Google Workspace using standards including SAML, OAuth, and OpenID Connect. For on-premises environments, it can be integrated with Active Directory using Azure AD Connect, enabling hybrid identity management, and it supports API-based integration and SCIM provisioning for automated user lifecycle management.

Microsoft Entra ID provides reliable customer support with multiple support plans and global availability, offering 24/7 support for all critical users, especially for enterprise customers, with support response times varying depending on the severity of the issue and the support plan, providing faster responses for high-priority incidents, and having multiple support channels, such as a ticketing portal-based support and enterprise support plans.

Before implementing Microsoft Entra ID, we were using traditional on-premises Active Directory for identity and access management, relying mainly on Active Directory for user authentication and access control, with basic security mechanisms such as a password and limited group policies. In some cases, we also used VPN-based access and manual user provisioning for application access.

Microsoft Entra ID provides strong value even with a relatively low initial investment, especially for small to mid-sized teams, as the solution is cloud-based, eliminating the need for heavy on-premises infrastructure with reduced initial setup.

I have hands-on experience in the implementation of Microsoft Entra ID in a hybrid environment integrated with the on-premises Active Directory, where I was involved in configuring Azure AD Connect for directory synchronization, setting up user identities and groups, enabling Single Sign-On for the enterprise application, implementing Multi-Factor Authentication, and designing Conditional Access policies based on user risk, location, and device compliance. One of the main challenges faced was integrating legacy applications and fine-tuning Conditional Access without impacting user productivity, but overall, the implementation improved our security posture, reduced unauthorized access attempts, and provided a seamless login experience for users.

My advice for organizations planning to use Microsoft Entra ID is to properly plan their identity and access strategy before implementing.

As a partner working with Microsoft Entra ID, my advice is to approach implementation with a clear identity and security strategy, recommending that organizations start with proper planning of user roles, access control, and security requirements. I would rate this solution a 9 out of 10.

Hybrid Cloud

Microsoft Azure