Microsoft Entra ID Reviews

I use Microsoft Entra ID for managing employee onboarding and privileged identity management inside Entra for security. We also use it as an active directory.

The product's valuable features include privileged identity management, least privilege for Zero Trust, the onboarding process for new employees or role changes, and implementing security on identity authentication and authorization. It provides resources for security, which aids in fast employee onboarding.

In the compliance area, the granulation of access to storage accounts or Kubernetes could be improved.

I have used Entra for about one year or maybe two, and it is recently in production.

Some aspects were complex, such as using Microsoft Entra ID in our products and applications. However, Microsoft has a support line that is part of our SLA, which helps resolve any difficulties.

I would rate the support as ten out of ten. They were available to us and worked with us for a day to resolve issues.

Positive

I used Okta Active Directory previously. I use both Okta and Microsoft Entra ID. The reason for moving to Microsoft Entra ID is that it is better for our client applications instead of using another authentication program.

The initial setup was smooth and involved syncing between active directory and Microsoft Entra ID.

In the first and second phases, I handled the deployment alone. The third phase focused on training tier-two technicians.

The ROI improved noticeably, although I do not have exact numbers.

Microsoft Entra ID is not too expensive, and we received a great offer from Microsoft, upgrading to E5 or P2 at a better price.

I rate Microsoft Entra ID an eight out of ten overall.

Hybrid Cloud

We are using Microsoft Entra ID for single sign-on with our hybrid domain environment and for identity management with multi-factor authentication using Microsoft Authenticator. We plan to migrate our whole user base over to Microsoft Authenticator with MFA capabilities, possibly with certificate-based authentication.

We're still testing Entra and having implemented it on the application side. We'll soon start using application proxies to get into our line-of-sight businesses on-prem. 

We follow a least privileged access model, and Entra ID has helped us to avoid overextending access from the administrative side. And we plan also to implement it with devices. Our administrators are more careful when auditing access and ensuring everyone has access. 

We haven't implemented permission identity management, but we plan to use it. Entitlement management and dynamic grouping of Microsoft 365 groups are features I enjoy. From an administrative perspective, we can now manage users from a single pane of glass, which enhances efficiency. MFA will improve the user experience and increase organizational efficiency.

The implementation of other third-party MFA such as Okta or Duo could be improved, even though Duo is integratable. The response from actual support tickets is a bit laggy, and I would like them to be more responsive.

We have been using Microsoft Entra ID for about two years.

Entra's stability is great and consistently meets our expectations.

The scalability is excellent. We can scale Entra up and down as needed efficiently.

Our consultants are excellent and provide consistent help, but there is room for improvement in the responsiveness of actual support tickets.

Positive

We previously used on-prem Active Directory as our solution.

The initial setup was straightforward.

We did it all in house without any additional team.

We go through a reseller, CDW, who walked us step-by-step through the process. The pricing, setup cost, and licensing have been fairly straightforward.

Hybrid Cloud

I work on it to investigate it. I work at a cybersecurity company, so I focus on how the product behaves, particularly how Microsoft Entra ID behaves with group permissions and such.

We work with Microsoft because we're also a security company, so we scan Microsoft Entra ID and then monitor what happens regarding defending against token theft and nation-state attacks.

We are partners with Microsoft. We don't sell Microsoft products; we sell our own product, but we integrate it with Microsoft.

It's simple to create groups or accounts and to add users. There are several options for dynamic groups.

Microsoft Entra ID influences our zero trust model because we need to make sure that we give the right user permissions.

To improve Microsoft Entra ID, it should be made simpler because there is a lot of stuff to do in the platform, which could be reduced to fewer buttons.

I have been using Microsoft Entra ID for two years.

Microsoft Entra ID is pretty stable.

I don't know about scalability, but I assume it is suitable because it is used for huge organizations.

Customer service and technical support for Microsoft Entra ID are very good because I open many tickets with the support and get straight answers. If I don't get an answer, they update me all the time that they will provide an answer, and they work on that.

Positive

Microsoft Entra ID is pretty easy to deploy. The speed of deploying Microsoft Entra ID depends on the organization and its structure, but building new users is very simple.

There is a return on investment when using this platform, though I am uncertain about the specifics.

I haven't observed any problems or changes in the frequency and nature of identity-related security incidents after using Microsoft Entra ID in my company.

I would rate Microsoft Entra ID a nine out of ten.

Entra ID serves as our primary identity security tool. 

Entra ID enables us to implement security easily and effectively. It has built-in integration with all the Microsoft tools, like SharePoint, Outlook, Teams, etc., the condition access we discussed earlier. It's our primary identity security tool. We can't live without Entra ID. 

Using Entra ID has improved our security. Our security score is close to 80 percent, which is a critical metric because that includes everything under the hood. We have continuously improved in the last two or three years. We have implemented many improvements since the pandemic, so the number of incidents has decreased a bit, and automation has been throttled up.

Conditional access and Privileged Identity Management (PIM) are the most valuable features from a security perspective. 

Rule management and permissions need improvements. I have had discussions with product managers about these challenges and sent emails regarding them. Additionally, improvements are needed in the Identity Governance and Administration (IGA) side of things.

I have been working with Entra ID for around six years.

I rate Entra ID 10 out of 10 for stability. I have not encountered any issues.

I rate Entra ID's scalability 10 out of 10. It's great.

Customer service has been very good. I have raised sophisticated queries and received responses within a day.

Positive

I have never used a different solution and have always worked with Entra ID.

I have not personally deployed Microsoft Entra ID. However, I have integrated the solution, and we have worked with integrators to set it up.

The biggest return on investment is the seamless integration with all Microsoft apps and services. If you choose something new and integrate it, it can take a lot of time.

I rate Entra ID eight out of 10. 

Hybrid Cloud

Other

We've been using Entra ID in a hybrid scenario. We have an on-premise Active Directory that replicates to the cloud.

Scalability has been the biggest benefit. Moving more to a cloud footprint and leveraging Azure resources provides increased scalability and security. Entra helps us drill down into who can access our secure apps using resource groups, etc. We haven't had a security incident in the past two years, so we've been secure since going hybrid with Entra.  

The most valuable feature is the ability to establish resource groups and set permissions through RBAC across these groups.

The device-bound passkeys have helped us implement phishing-resistant authentication. We moved everybody to the authenticator app through Microsoft Entra and integrated that with our Azure applications.

We're more secure than we've been in the past. Our security score was poor when we implemented Entra ID. It was about 30 percent. We increased it significantly using recommendations from Microsoft about the authenticator app and other identity measures.

The transition from on-prem Active Directory to the Azure Cloud was difficult because there aren't group policy objectives. This is handled differently in the Azure cloud environment.

I've been using Entra ID for a little over two years.

We haven't had any issues since moving to the platform. It has been one hundred percent reliable without outages.

The scalability is perfect, allowing us to easily move more functions to the cloud.

I've never had to reach out to Microsoft support, which I consider a positive aspect. From what I've heard from colleagues, they'd rate Microsoft's technical support around an eight.

Positive

We previously used strictly on-premise Active Directory.

It was rough because we didn't have much experience in cloud space. It was pretty seamless after a couple of days of researching and powering through it.

We used Insight for the implementation. Their cloud engineers were amazing and helped us through many challenges.

The biggest return on investment is peace of mind, knowing I won't receive phone calls in the night.

The licensing model was straightforward initially. However, it has become more complex. It's not bad. The price has gone up a bit, but it's still affordable. 

We evaluated Amazon Web Services but chose Entra due to seamless integration, primarily because we are a Microsoft shop.

I'd rate Microsoft Entra ID as a 10 out of 10.

Hybrid Cloud

Microsoft Azure

The primary use case for Microsoft Entra ID is authentication, allowing internal employees and guest users to log into our system.

Microsoft Entra ID has simplified central management, including administration and an overview of all logins and user profiles. It simplifies logins, not only for internal users but also for guests. We don't need to manage a lot of party sign-on. It has dramatically decreased phishing and other hacking attempts. 

It has improved our approach to defending against nation-state attacks and token theft by allowing us to enable MFA and other out-of-the-box capabilities easily. We've also reduced complaints and changed user behavior. It takes them some time to get used to it, but we educate them on how to use the built-in security features.   

The most valuable feature for us is the B2C functionality of Microsoft Entra ID, which is essential due to our need for external and internal users to log into our system.

Currently, Microsoft Entra ID meets our needs. I could not think of any areas for improvement or additional features for the next release.

I have used Entra ID for three to four years.

The stability of Microsoft Entra ID is satisfactory.

Microsoft Entra ID is scalable.

I rate Microsoft support eight out of 10. Internally, we have a feedback system for our customer service. While it may not be perfect, there are noticeably fewer customer complaints.

Positive

We did not use a different solution before Microsoft Entra ID. Since we are deeply embedded in the Microsoft ecosystem, it was the natural choice.

The initial setup was not difficult. 

We did not use an integrator, reseller, or consultant for deployment.

I am confident that we have seen a return on investment, but I have not calculated it. Microsoft Entra ID reduces risks and the need to do things manually.

Microsoft's pricing and licensing are difficult to understand. We engage with Microsoft partners regularly, but Microsoft's frequent rebranding complicates the process for us in the industry.

Microsoft Entra ID was a straightforward choice due to our integration within the Microsoft ecosystem.

I would rate Microsoft Entra ID eight out of 10. We are generally satisfied, although understanding the solution fully can be challenging. Once we have the knowledge, implementation becomes easy, but initially, it can be time-consuming.

Public Cloud

Other

The primary use case is for single sign-on, service provisioning, and security features, including multi-factor authentication.

We have been integrating network services and authentication services such as PIN Identity and Entra ID, which helps in providing a consolidated security solution.

The main valuable feature is the integration into a single console, which includes authentication service and endpoint security. This consolidation of security features in one place is extremely beneficial.

The cost is one area that needs improvement. Also, there is a need for better transformation support from on-premises Active Directory policies to the cloud, as Entra ID doesn't cover this sufficiently yet. The flexibility of the security policies could also be improved.

I have been working with EntraID, previously known as Azure ID, for about three or four years.

The stability of the solution is good with a rating of eight out of ten.

Entra ID is pretty scalable with a rating of eight out of ten.

Sometimes there is a late reply, but overall, it's good. I would rate Microsoft technical support as a seven out of ten.

Neutral

Customers often consider alternatives like Okta or PingID if Entra ID does not suit their requirements.

The initial setup of Entra ID is simple.

We work as integrators, focusing on integrating network services and authentication services like Entra ID.

I'd rate the solution eight out of ten.

The main use case for Entra ID is to move from on-premises to the cloud. I have been doing a lot of cloud transformation work, and I have seen that most organizations that move to the cloud see a lot of benefits in terms of monitoring and IAM. In those cases, we move to Entra ID.

Entra ID provides a single pane of glass for access management. Microsoft Identity confirms users and the access management grants access. In terms of IT and access management, Entra ID provides better management and monitoring solutions that can be used effectively. Entra ID can be used by IT administrators and app developers. It offers a wide range of options for onboarding applications to the cloud. For example, enabling single sign-on for an on-premises application can be time-consuming. However, moving the application to Entra ID is straightforward. App developers can use Entra ID APIs to build personalized experiences, set up single sign-on, customize applications, and monitor them.

The single pane of glass consistency for user sign-on experience is very good because Entra ID is a solution from Microsoft that is available in different regions around the globe. This means that we always have better visibility and management of user sign-on, and now Microsoft apps also moved to Microsoft Entra. This provides a unified experience where we can manage access and permissions from a single location.

The consistency of our security policy is excellent. It is very granular, allowing us to scope it to groups or access it via the API. We also have Entra ID PIM, which allows us to granularly control access to resources. This is a very good option for access management.

Active Directory's Admin Center is a very good tool for managing all identity and access tasks in our organization. It provides a single pane of glass for managing users, groups, external identities, and roles. It also allows us to create administrative units, which can be used to scope access to a set of users, groups, and devices. We can also use Admin Center to view licenses, company branding, user settings, security settings, sign-in logs, provisioning logs, usage, and insights. Admin Center also makes it easy for admins to troubleshoot problems. For example, if we need to debug something, we can log into Admin Center and check the sign-in logs.

There were many benefits to moving to Entra ID. The main benefit was that it was a game-changer, especially for monitoring. When we were using Active Directory, everything was local. This meant that we had to build our own monitoring solution for each application that was onboarded into AD. This was a time-consuming and expensive process. With Entra ID, we can use Microsoft Sentinel or Entra ID Monitor to monitor all of our applications from a single location. This is a huge time and cost savings. Another benefit of Entra ID is that it makes it easy to onboard new applications. With AD, we had to deploy the application on-premises and then configure IT and access management. This was a complex and time-consuming process. With Entra ID, we can simply onboard the application and then grant Identity Access Management to the application. This is a much simpler and faster process.

Conditional access is a powerful feature that allows us to define a set of conditions that must be met in order for users to access our applications. This can help us to improve security by ensuring that only authorized users can access our data, regardless of where they are or what device they use. For example, we could create a policy that requires users to be located in a specific country or to use a specific device type in order to access our applications. We could also require users to use multi-factor authentication in order to access our applications. Conditional access policies can be applied to all of our applications, including those in Entra ID and Office 365.

Conditional access policy plays a key role in zero trust security. In the conditional access policy, there is a feature called named locations, which allows us to exclude devices from a condition if they are coming from a trusted location. For example, if we add an exclusion for trusted locations to our conditional access policy, it will directly impact our zero trust policy. The main driver for any organization to move to zero trust security is to reduce the number of named locations in their conditional access policies. By reducing the number of named locations, we can increase the security of our organization by making it more difficult for attackers to gain access to our systems.

I have been using the conditional access feature in conjunction with the endpoint manager for a long time. This is a great feature because it helps us to monitor threats and direct users accordingly. It is a very useful feature for monitoring our endpoints. For example, if a user tries to access a service, the check can be done and the endpoint manager will be able to provide us with all the findings.

Microsoft Defender for Endpoint can identify any PaaS devices that connect to a network. This includes any unpacked devices that are trying to use an application that is onboarded in Entra ID or any persistent Office 365 application, such as Microsoft Teams, Outlook, or OneDrive.

I have been using Entra Verified ID on the proof of concept. It is one of the best ways to onboard a remote employee. Since COVID in 2020, we have all been working remotely. It is better to onboard an employee who is present remotely in a different location than to ask them to come to the office, collect a laptop, and then onboard them. Verified ID makes this process easier by using preset, already-known information that is present in our company directory. For example, when an employee is interviewed, they are given face verification through a government ID. The ID is collected and a photograph is taken, which is then stored in the HR database. With this information, we can onboard employees remotely and grant them access to all of the company's resources. This is a much easier option than asking everyone to come to the office and ask for help from the overloaded service desk team.

The speed at which we can onboard a remote employee depends on how we define it in the initial planning. If we set the correct standards, such as the type of information we need to verify the employee's identity, we can streamline the process. For example, if we require the employee to provide a government ID and a photograph, the HR department can collect this information in advance and process it in the company's database. This will make it easier for the employee to complete the onboarding process remotely.

When it comes to controlling and prioritizing the privacy of identity data, there are multiple ways to do so. One way is to onboard remote employees with information that is already present in the company directory. This information can be verified by HR, who has already obtained the employee's consent to share their personal information. Another way to onboard remote employees is to ask them to provide a photo and government ID. This information is also stored in the company's database and is not shared with Microsoft. Microsoft only creates a digital identity for the employee and uses this identity to validate the employee's remote onboarding. In both cases, the employee's personal information is not exposed to the Internet. Microsoft and the company have a secure channel for exchanging this information, so there is no problem with data privacy.

The permission manager in Entra ID is very good. Microsoft improved it a lot. Microsoft Entra is the new permission manager solution. It provides comprehensive visibility into the permissions assigned to all identities, such as user identities. It also allows us to check the current permissions that are given to users. This is a better way to manage permissions. Permission management is a really good option that has a lot of benefits and improvements, especially when moving to the Microsoft enterprise.

When it comes to identity and permission management, the risk is relatively low when using a cloud-managed solution. This is because cloud-managed solutions provide full visibility and the option to automate permission management. One of the benefits of cloud-managed identity and permission management is that it allows us to implement the principle of least privileges. This means that we can give users and workloads only the permissions they need to do their jobs. This helps to reduce our attack surface and makes it more difficult for attackers to gain access to our systems. Another benefit of cloud-managed identity and permission management is that it provides us with visibility into our user and workload identities. This allows us to quickly identify and remediate any security issues that may arise.

Entra ID helps our IT administrators and HR department save time. It reduces the custom task of deploying and onboarding any application. This means that administrators can easily onboard applications to Entra ID and provide users with a single sign-on experience. As a result, administrators have more time to focus on improving their skills and deploying new Entra ID features. Entra IDoffers a wide range of features, including artificial intelligence capabilities such as Chat GPT. This frees up a lot of time that was previously spent managing the local active directory. Entra ID has freed up most of my weekends. When I was previously working with on-premises data centers, I had to patch my servers every weekend, which was a time-consuming and tedious task. However, now that all of my applications have been moved to Entra ID, these tasks have been drastically reduced. As a result, I would say that my weekends are now almost free.

Entra ID saved lot of organization money. I see previously organizations investing in expensive solutions for data centers, which required a lot of maintenance and the need to find the right talent to manage them. However, with Microsoft Entra ID, we no longer have to worry about maintaining data centers, as they are completely managed by the cloud. This has made our operations easier and more efficient, as we can now deploy changes quickly and easily, and receive alerts when any issues are found.

Entra ID positively affected our user experience.

Microsoft Entra ID Protection and Microsoft Sentinel are both excellent monitoring features for Microsoft Entra ID.

Beneficial of Entra Monitor and Log Analytics to monitor the secure operation of Entra ID services.

Great improvements in the Modern Authentication Strategy Passwordless FIDO2 improvements & Entra ID verification 

In terms of licensing - being able to pick some premium features without purchasing a package is advantageous.

Increasing the free log retention period might be more beneficial.

Compatibility features for legacy systems integration with new features will be challenging at times.

I have been using Microsoft Entra ID for ten years. Microsoft Entra ID has been a critical component of Microsoft cloud offerings since the time it was introduced.

Entra ID is extremely stable and Microsoft absolutely brings new improvements to this feature.

Entra ID is highly scalable. I have seen multiple organizations over 80,000 people in use Entra ID worldwide.

The technical support is good but sometimes it can be difficult to connect with the right engineer when you are working in a complex enterprise environment.

Neutral

Out of all my experiences i have seen organizations using  Microsoft Active Directory before switching to Entra ID.

The initial setup is straightforward. I completed most of the deployment myself with excellent support from the Microsoft support Team.

In most of the cases the implementation was completed in-house with support from the Microsoft support Team.

We have seen a return on our investment with Microsoft through improved performance, better management, and enhanced features.

Entra ID's pricing is comprehensive and affordable. The prices are easy to understand, and the licenses include a variety of security monitoring and additional features.

I have evaluated Google Cloud Identity and AWS Directory Service, but I felt more comfortable with Entra ID.

I give Microsoft Entra ID a nine out of ten.

Entra ID does not require maintenance from our end.

For someone evaluating Entra ID, it is important to understand their use case, business requirements, current solution, and expectations. The current solution is important to understand because it will help to identify any gaps that Entra ID could potentially fill.

Public Cloud