Microsoft Entra ID Reviews

My main use cases for Microsoft Entra ID are authentication and access management.

The features of Microsoft Entra ID that I like the most are Conditional Access.

The implementation of Microsoft Entra ID has a significant impact on my secure access to apps or resources in my environment because it ensures that for every SaaS app we have, we can log in with enterprise accounts instead of having to create different accounts. If we disable a user, they get automatically disabled as well in those SaaS apps. That's definitely a big win compared to Active Directory in the past.

I think Microsoft Entra ID can be improved, but that's a broad question, and I'm uncertain about specific areas.

I have been using Microsoft Entra ID for almost 10 years.

I would assess the stability and reliability of Microsoft Entra ID as working fine with good uptime. There was an issue a few years ago, but that's been resolved now.

I haven't experienced any downtime, crashes, or performance issues.

Microsoft Entra ID scales with my growing organizational needs and scales pretty well, supporting up to hundreds of thousands of users.

I haven't expanded usage beyond what we currently have, as we only have as many employees as we have.

When we have to expand usage, the process is smooth because we don't have to do anything; we just add users.

On a scale from one to ten, I would rate my customer service and technical support for Microsoft Entra ID as pretty good, with the support being amazing for identity.

Positive

Prior to adopting Microsoft Entra ID, I couldn't really use another solution to address similar needs because Office 365 can only work with Microsoft Entra ID; it's tied to it.

I would describe my experience with deploying Microsoft Entra ID as working pretty easily.

The deployment of Microsoft Entra ID was easy with just a quick setup, and for Conditional Access, it's well-documented.

I didn't face any challenges during the implementation.

I have seen a return on investment with Microsoft Entra ID, but we didn't have another solution, so when you have Office 365, that's the only thing you can use.

My experience with the pricing, setup cost, and licensing is that we have Microsoft Entra ID Plan 2 licenses, so for us, everything is included, and I don't really work with the other models.

I didn't consider any other solutions before selecting Microsoft Entra ID because it's the only option with Office 365, so you don't have another choice.

Since implementing Microsoft Entra ID, I observe changes in the frequency of identity-related security incidents in my organization, though I'm uncertain about the specific details.

Since implementing Microsoft Entra ID, I definitely see all of the identity risks that are detected for the users now. Before, we didn't have any view on that.

My organization's approach to defending against token theft and nation-state attacks has not changed specifically since implementing Microsoft Entra ID.

The features of Microsoft Entra ID have benefited my organization because we're just more secure. We have less identity theft and no identity compromises since we have MFA now, whereas before, we didn't have MFA.

The integration capabilities of Microsoft Entra ID have influenced my zero-trust model significantly because we didn't have a zero-trust model before.

I don't share any metrics or data points that demonstrate the impact of integrations because before we had nothing.

The implementation of device-bound passkeys and Microsoft Authenticator has affected my organization's approach, and we use phone sign-in with Authenticator.

I would rate my overall experience with Microsoft Entra ID as a nine. The advice I would give to another organization that's considering Microsoft Entra ID is to pursue it because it's included in Office 365.

Microsoft Entra ID is mostly integrated with Microsoft 365, and it serves as the backbone of the 365 services. Microsoft Entra ID identity platform is feature-rich, allowing for a lot of integration as a single identity model. As an identity provider, you can get a lot of external SaaS applications to identify and be authenticated via Microsoft Entra ID, which is very useful, allowing you to secure your identity in one central place as opposed to trying to secure it in multiple different environments or needing to authenticate users individually on different platforms. Authentication happens once through one identity platform. The Conditional Access policies that you can drive and control the identity flow through are also very useful.

Microsoft Entra ID becomes the central point of authentication for identities, and it has a big impact, a very large impact.

I cannot really think of any specific way where Microsoft Entra ID can improve.

I have been using Microsoft Entra ID for many years, probably at least ten years.

Microsoft Entra ID is very stable. Regarding reliability, there have been instances here and there, but nothing noteworthy.

I was not involved in instances where customer support was used, but I would imagine the teams would have reached out to Microsoft customer support for that.

Neutral

I did not use other solutions before Microsoft Entra ID, but the other solution would be predominantly on-premises Active Directory, which is a different identity management model.

I have definitely seen a return on investment for Microsoft Entra ID.

I do not monitor the frequency or nature of identity-related security incidents since my role is not to look after that; I do not work on the IT team for an organization where I control or monitor that. I used to many years ago, but I have since transitioned into more of a solution architect role which I do not really get involved with.

Since organizations have been using Microsoft Entra ID platform, you would need to change your approach in terms of how you authenticate users, which involves a lot of hardware tokens-based authentication, especially MFA. A lot of companies that I have worked with have implemented phishing-resistant MFA deployments, such as YubiKeys, and the interoperability between Microsoft Entra ID and YubiKey has been quite successful.

We predominantly use two solutions that are phishing-resistant, which are Windows Hello, for which we have done quite a few implementations of both the hybrid and cloud-native versions, which also integrate with Microsoft Entra ID. I would rate this review nine out of ten.

Microsoft Entra ID is used for identity as the main use case.

The passwordless feature of Microsoft Entra ID is the most valued feature. The implementation of Microsoft Entra ID has had an impact on secure app access to apps or resources in the environment, particularly in security and compliance.

Microsoft Entra ID's integration capabilities have influenced the Zero Trust model significantly. Beyond the Zero Trust Maturity Model that meets the pillars, there are metrics or data points that demonstrate the impact of the integrations.

Since implementing Microsoft Entra ID, data points on bad actors in the frequency and nature of identity-related security incidents have been observed in the organization.

The organization's approach to defending against token theft and nation-state attacks has changed since implementing Microsoft Entra ID. It does help in addressing those concerns.

Microsoft Entra ID should continue to support the entirety of the Microsoft product line from the identity aspect and anything from the security and compliance that continues to evolve and change.

Microsoft Entra ID has been in use for almost five years.

The stability and reliability of Microsoft Entra ID is assessed as good, other than typical outages that every cloud service provider deals with. When there is a Microsoft outage issue, Microsoft Entra ID is one of the services being impacted.

Microsoft Entra ID scales with the growing needs of the organization so far with good results. Regarding expanded usage and workforce growth, the scalability has remained positive.

On a scale from one being the worst and ten being the best, customer service and technical support is rated as nine. This rating is given because there is always room for improvement.

Positive

Prior to adopting Microsoft Entra ID, a separate identity system addressed similar needs. The reason for considering a change was scalability.

The experience with deploying Microsoft Entra ID was definitely a learning curve, but once it was deployed, the organization moved into the operations and maintenance phase.

Working side by side with the Microsoft FastTrack team and the Unified consulting team ensured that deployment could occur in a scheduled manner. The deployment experience was definitely a learning curve as this was a new technology that had to be overcome, and the organization is proud to have accomplished that.

A return on investment has definitely been seen with Microsoft Entra ID.

The experience with the pricing, setup cost, and licensing for Microsoft Entra ID is that it is hoped it could be cheaper, but the Microsoft license model is accepted as is.

Before selecting Microsoft Entra ID, other cloud service providers were considered. What stood out in the evaluation of these options was the positive aspect of Microsoft Entra ID as the organization wanted to be more cloud-native for the office productivity transition from legacy systems.

Data points definitely demonstrate the transition of the workforce into the modern work environment from the previous legacy systems. The implementation of the device-bound passkeys in Microsoft Authenticator has involved a culture shift in the use of different multi-factor devices with Microsoft Entra ID. The process has been smooth.

Microsoft Entra ID is rated overall as ten on a scale from one being the worst and ten being the best. For another organization considering Microsoft Entra ID, it is advised to better understand the landscape and the architecture prior to testing, and to definitely go through the testing and evaluation before going into the full deployment.

We've been using Entra ID in a hybrid scenario. We have an on-premise Active Directory that replicates to the cloud.

Scalability has been the biggest benefit. Moving more to a cloud footprint and leveraging Azure resources provides increased scalability and security. Entra helps us drill down into who can access our secure apps using resource groups, etc. We haven't had a security incident in the past two years, so we've been secure since going hybrid with Entra.  

The most valuable feature is the ability to establish resource groups and set permissions through RBAC across these groups.

The device-bound passkeys have helped us implement phishing-resistant authentication. We moved everybody to the authenticator app through Microsoft Entra and integrated that with our Azure applications.

We're more secure than we've been in the past. Our security score was poor when we implemented Entra ID. It was about 30 percent. We increased it significantly using recommendations from Microsoft about the authenticator app and other identity measures.

The transition from on-prem Active Directory to the Azure Cloud was difficult because there aren't group policy objectives. This is handled differently in the Azure cloud environment.

I've been using Entra ID for a little over two years.

We haven't had any issues since moving to the platform. It has been one hundred percent reliable without outages.

The scalability is perfect, allowing us to easily move more functions to the cloud.

I've never had to reach out to Microsoft support, which I consider a positive aspect. From what I've heard from colleagues, they'd rate Microsoft's technical support around an eight.

Positive

We previously used strictly on-premise Active Directory.

It was rough because we didn't have much experience in cloud space. It was pretty seamless after a couple of days of researching and powering through it.

We used Insight for the implementation. Their cloud engineers were amazing and helped us through many challenges.

The biggest return on investment is peace of mind, knowing I won't receive phone calls in the night.

The licensing model was straightforward initially. However, it has become more complex. It's not bad. The price has gone up a bit, but it's still affordable. 

We evaluated Amazon Web Services but chose Entra due to seamless integration, primarily because we are a Microsoft shop.

I'd rate Microsoft Entra ID as a 10 out of 10.

We have a hybrid environment where we sync our users from on-premises to Microsoft Entra ID. The main purpose is to utilize Microsoft applications and services, like Microsoft 365 applications. We also use different integrations with Microsoft Entra ID for other cloud-based apps like Salesforce, enabling Single Sign-On integration.

One of the best features is that if users are synced with Microsoft Entra ID, you can integrate different enterprise-level apps like Salesforce, Oracle, and CyberArk. There are hundreds of apps you can integrate. Enabling Single Sign-On using Microsoft Entra users with these other cloud apps is a significant advantage. Single Sign-On is highly valuable.

Microsoft could enhance features regarding user retention for inactive accounts on Microsoft Entra ID. Another improvement needed is in the report customization for enterprise application configurations, making them more graphical and suitable for management presentation. Additionally, the freedom for Group Policies needs enhancement in Microsoft services like Intune.

I have been using Microsoft Entra ID for 6 years, and it is now going to be 7 years.

Microsoft Entra ID is a stable solution. We have been using it for the last 7 years, and it continues to improve with feedback from customers. It is a very stable solution.

It is a scalable solution. We previously had 300 users and now have 1,000 users. The number of licenses has increased, and Microsoft Entra ID has helped manage various Microsoft services under one platform.

Microsoft's technical support can be rated as 7 for front-end support and 8 for tier-two or advanced level support. Sometimes, level-one support lacks the immediate information needed, causing delays in receiving appropriate support.

Neutral

We were using Microsoft's on-premises Active Directory and a different Endpoint Protection. Now, we use Microsoft's Endpoint Protection due to licensing benefits. We also switched from another system to Microsoft Dynamics. These changes have helped reduce both capitalized and operational costs.

The setup process was relatively straightforward due to Entra Connect, which syncs on-prem users to Microsoft Entra. However, managing Group Policies in Microsoft services is still somewhat complex.

We engaged integrators, resellers, and Managed Service Providers for various projects. These service providers supported our deployment.

I cannot provide a specific figure, but moving our CRM and ERP to the cloud has reduced the need for on-premises management, saving on both capitalized and operational costs. This transition has allowed us to reallocate budget to more productive activities.

Licensing with Microsoft 365 often comes bundled, which simplifies license management. This unification reduces the need for separate licenses for Office applications like Word, Excel, and PowerPoint.

Before choosing Microsoft Entra ID, we evaluated other security and identity solutions, including Microsoft's on-premises Active Directory and different Endpoint Protection systems.

I would rate the solution as 9. It is a very good solution for unified management. I rate the overall solution a 9 out of 10.

I rely on Microsoft Entra ID for syncing customers' on-premises Active Directory to the Microsoft 365 stack. I also use it for managing multi-factor authentication and other enterprise applications for our customers.

Microsoft is at the core of any customer I work with. Microsoft is the core of their identity, communication, and business applications. Microsoft acts as a one-stop shop for calling, meetings, collaboration, AI, and business applications like Dynamics 365 and Outlook. Many services are bundled, providing potential cost savings for organizations.

Conditional access is an additional feature of Entra ID. It allows organizations to say that these devices are allowed to connect without MFA or with MFA and meet certain compliance standards based on what is set in Intune. There are a lot of things that can prevent devices from connecting to your environment unless certain conditions are met. That is a big thing around the security of Entra ID.

It helps allow devices regardless of having an active VPN connection. You can enable your remote employees to access corporate resources without having massive security walls. It not only allows those devices to connect to the network seamlessly, it also allows them to connect securely. It is not that they have unfettered access to your network. You are securing things down where they are only allowed access to certain resources.

The implementation of device-bound passkeys in Microsoft Authenticator helps with phishing-resistant authentication. It helps ensure that every employee that you have is actually that person. It ensures that they are entering the PIN from their phone via the Microsoft Authenticator app and they are who they are. Even if their password is compromised, you still have another level of security for device access. It is not just access to a phone. They have to have pass lock screen access and access to the Microsoft Authenticator app to approve those notifications and type in that secondary code. Requiring a user to enter a two-digit code that is showing on their screen ensures only authorized access. It has been helpful in all cases. I deal with multiple customers, and most of them have hit security issues due to people pressing a random authentication key as approved, not knowing what they are pressing, even though they know it is an authentication prompt. Having that ensures that they are who they say they are.

This constant reauthentication to applications helps with organization security. We are not letting you sign in once and remain signed in for 30 days. If that device gets compromised, your corporate security is at risk. Lowering that authentication threshold to every 24 hours or 12 hours and making a user reauthenticating helps to make sure that they are who they are.

Token Replay detection has a big impact in terms of malware. Some people click on random PDFs in their email attachments and things get through. This is happening even at a larger scale, for example with Linus Tech Tips. Someone clicked an email, and they clicked an application that ran the machine and gathered every authentication token for everything the user had access to. They happen to have access to their YouTube account and other things without MFA. Being able to detect if a token is being reused potentially from another IP, with a snap of a finger, is a great feature. If a token is compromised, you can block it.

Since implementing Entra ID, identity-related security incidents have gone down drastically. 

The most valuable feature for me is enterprise applications. This functionality allows the building of applications that are tied into APIs that we can grant specific permissions and limit the scope of access. This is the most valuable feature for me because I do a lot of automation with PowerShell and APIs. We can secure the applications that we are building and make sure that if the application were to be compromised, there is no full access to a customer's environment causing issues and other security concerns.

Microsoft could improve by stabilizing its branding. I still call it Azure AD. Some of the customers I work with call it Azure AD. Branding makes you stand out in the market, but it is something that also confuses people. The frequent changes in branding cause confusion among customers who struggle to keep track of product names and functions. They get used to things, and then it changes the next day.

I have been using it for about 15 years.

The stability of the solution is very high at 99.999%. There have been some global authentication outages in the past, preventing users from authenticating to business applications, Teams, and other things. It has caused some issues there. Over the past three years, there have not been any major authentication outages. If there have been any, they have been quickly resolved, minimizing any potential business impact.

It is fully scalable.

Overall, I would rate their support an eight out of ten. Their frontline needs some work. Reaching the necessary level of support can take time. It can take multiple days to get through tier-one support, but the assistance received at higher levels is effective. When you get to the tier you need, you do get the right answers and support. The actual support when you get to that level is a ten out of ten.

Positive

Most of my customers previously used on-premises Active Directory with ADFS. ADFS had integration with other platforms for two-factor authentication, but it was not a comprehensive solution. Everything was not under one roof. If the third-party application that was being used for authentication as part of ADFS got compromised, you have a problem, whereas now, everything is under one umbrella of Microsoft. We have more security and fewer components to worry about breaking. We can prevent unfettered access to the environment.

For most of my customers, it is a hybrid environment. Azure AD Connect helps sync their on-prem user attributes to the cloud and vice versa. You have password write-back, group write-back, and other things. You are not just stuck in one environment. You are not just doing one-way synchronization. You are actively making changes in Entra ID that are syncing back to on-prem AD. A lot of the customers I deal with have a very massive on-prem AD environment. It is hard for them to move away from that because there are a lot of things that still require on-prem AD. This allows us to have the best of both worlds, a hybrid cloud environment and also a hybrid on-prem environment.

I would put myself as an expert on it. I am the consultant for deployment.

The return on investment comes from not needing as many IT staff to manage and verify user identity and ensuring seamless device connection without needing to administer device compliance manually. Devices can seamlessly connect and authenticate. Nobody has to manually add serial numbers and other things in Intune for compliance. Entra ID has been very beneficial.

Most features of Entra ID are part of Microsoft's ecosystem and included in Microsoft 365 bundles, which means there are no additional costs associated with pricing and licensing.

We evaluated Duo. Entra ID is a part of Microsoft's ecosystem. You do not have to pay additional for it. It is included. There are additional features out of Entra ID P2 for additional security and other things, but as a base, you get Azure AD P1 as part of most M365 bundles.

I would rate Entra ID a ten out of ten.

My main use cases for Microsoft Entra ID are managing all users and everything related to user management.

The feature I like the most about Microsoft Entra ID is the ease of use on the platform.

The benefits that these features of Microsoft Entra ID have brought to my organization are that it is easy to use, pretty secure, and customizable.

The impact of implementing Microsoft Entra ID on my secure access to apps or resources in my environment is that it is pretty secure.

Microsoft Entra ID's integration capabilities have influenced my Zero Trust model through conditional policies.

I think Microsoft Entra ID could be improved by assigning permissions to nested groups in the next release.

I have been using Microsoft Entra ID for four years.

I would assess the stability and reliability of Microsoft Entra ID as pretty reliable.

I have not experienced any downtime or performance issues.

Microsoft Entra ID scales pretty well with the growing needs of my organization.

I have expanded usage of Microsoft Entra ID.

On a scale from one being the worst and ten being the best, I would rate my customer service and technical support as a nine.

I give it a nine because sometimes it is pretty slow.

I would evaluate my customer service and technical support as a nine.

Positive

Prior to adopting Microsoft Entra ID, I was not using another solution to address similar needs.

I would describe my experience with deploying Microsoft Entra ID as excellent.

It works well, and I did not face any challenges.

My experience with the deployment of Microsoft Entra ID is that it is pretty easy; it was very smooth.

The process was very smooth, with just opening a support case and having it resolved.

I have definitely seen a return on investment with Microsoft Entra ID.

My experience with the pricing, setup costs, and licensing of Microsoft Entra ID is that it is decent.

Before selecting Microsoft Entra ID, we only considered Microsoft because we are a Microsoft shop.

My organization's approach to defending against token theft and nation-state attacks has not changed since implementing Microsoft Entra ID; fortunately, we have not experienced any attacks yet.

Since implementing Microsoft Entra ID, I have not observed any changes in the frequency or the nature of the identity-related security incidents in my organization.

The implementation of device-bound passkeys in Microsoft Authenticator has positively affected my organization's security posture as compliance and MFA requirements are being met by the Authenticator app.

Microsoft Entra ID makes work easier; compared to competitors, it is easier to use, easier to navigate, and more customizable, which makes it a better choice.

My advice to another organization considering using Microsoft Entra ID is that it is very reliable and easy to use; you can manage all your security and infrastructure-related user management, lock everything up with Zero Trust policies and conditional access, and it integrates well with everything, whether you are on AWS or Azure. I would rate this solution a ten out of ten.

My main use case for Microsoft Entra ID is full identity management and system security.

The features I appreciate most about Microsoft Entra ID are Conditional Access.

The control that Microsoft Entra ID provides is significant, as when we tie it in with Intune, we can then set policies where only enrolled devices can access it. So even if users have the correct credentials and they get compromised, they must be on a device that's enrolled and known to Microsoft Entra ID and Intune. This aspect, from a security standpoint, makes our lives considerably easier.

Thanks to the implementation of Microsoft Entra ID, our security team can operate with confidence. The main benefit is that we can go to clients and say that no matter if their credentials get leaked, while we still want to change them, they still cannot access work data because the device they use must be enrolled within Intune. This compliance piece and the Conditional Access piece make life much easier, and also the geo-fencing as well. So if we know that a client only works in the UK, we then do not allow connections from outside of the UK.

The integration of Microsoft Entra ID has influenced our Zero Trust model significantly, as we use SonicWall Cloud Secure Edge, which has a direct integration with Microsoft Entra ID. Rather than having to set up individual users within the SonicWall platform, we tie it straight into Microsoft Entra ID. You can use security groups, so only those within the security group can use Cloud Secure Edge, and then you can dictate what systems within the Zero Trust architecture they can access. The integrations are fantastic and make life considerably easier.

Our organization's approach to defending against token theft and nation-state attacks has changed since implementing Microsoft Entra ID, as we have employed a full SOC solution. We have a direct SOC team that monitors identities and management and does the full ITDR piece with us. That integration with Microsoft is fantastic because of the amount of data we get from it, allowing us to ensure policies are correct and people are not doing what they should not be doing while using the systems as required.

An example of this is that we can set policies tied in with geolocation using Microsoft Entra ID. If we have clients traveling abroad for work, we can set policies within both Microsoft Entra ID and the Huntress SOC solution that allow those specific users to access work while they are over there, but only for that time period. Rather than opening the whole company up, we specify which users are going, so we just set it up for those five or six users. Then, we can also set it on a time-date delay, so one day after they return, we can shut it all down, and the security stance steps up again, which keeps everyone satisfied.

I think sometimes Microsoft Entra ID provides a bit too much information from the start. For example, when I first sign into the portal, it can be overwhelming, particularly when the SOC calls me saying there is something going on and I need to look at the tenant. At three in the morning, I find myself staring at a display full of information. Overall, can it really be improved? Perhaps a little bit, but the main issue is just the sheer amount of information in there.

I have been using Microsoft Entra ID for six years, or when it was Azure AD as well.

Since the implementation of Microsoft Entra ID, I have not really used anything else, as we have been a Microsoft house.

I definitely see a return on our investment from Microsoft Entra ID; being able to use single sign-on both on-premises and in the cloud is massive in terms of time and energy.

I have not really considered any other solutions from other companies since all our clients have always used Microsoft Office, so using Microsoft Entra ID along with that whole single sign-on feature with the on-premises solution and Entra Connect was just an already made decision for us. Why make life difficult for ourselves and switch?

Once I get my head around Microsoft Entra ID, I would give it a nine on a scale from one to ten, with one being the worst and ten being the best. I would rate this review a nine overall.