Microsoft Entra ID Reviews

Our primary use case for this solution is identity and access management within our organization's hybrid cloud environment. We have a multinational presence across 12 countries, with around three thousand employees worldwide. Entra ID plays a pivotal role in streamlining user onboarding and offboarding processes, ensuring secure access to our resources.

Our environment is characterized by a blend of on-premises and cloud-based services, and Entra ID seamlessly integrates with our Azure tenant. It allows us to efficiently manage user identities, enforce authentication and authorization policies, and implement multifactor authentication for enhanced security.

Moreover, we leverage Entra ID's capabilities to maintain compliance with specific regulations, such as those in Germany, where mailbox access for departed employees requires careful management. Entra ID's security features, including Azure Information Protection integration, provide an additional layer of protection against evolving cyber threats.

Microsoft Azure Entra ID has been a transformative addition to our organization, bringing a multitude of benefits and enhancements across various facets of our operations. Here are the key ways in which Entra ID has made a significant difference:

Unified User Access and Seamless Experience:

Entra ID provides a unified interface for managing user access, offering an exceptionally user-friendly experience. Users can effortlessly access a wide range of applications, both cloud-based and on-premises, using a single set of credentials. The Azure portal serves as a true portal, creating a distinct realm for users while maintaining a user-friendly interface. Single Sign-On (SSO) configuration simplifies the login process, allowing users to use a single ID for multiple applications. This streamlined approach, coupled with multifactor authentication, ensures a secure and convenient login experience, especially important in today's remote work environment.

Efficient Policy Management:

One of the standout features of Entra ID is the ease with which Azure policies and conditional access can be applied to enhance security. The EntraID admin center serves as a central hub for cloud-based identity and access management, offering a wide array of features that not only enhance security but also promote collaboration and productivity within the organization.

Modern Authentication Protocols:

Entra ID employs modern authentication protocols like OpenID Connect, which are well-suited for web and mobile users. This is especially crucial in an era where remote work and mobile device usage are prevalent. It represents a significant improvement over the traditional Windows Active Directory, which relied solely on Kerberos and NTLM.

Hybrid Capabilities:

Entra ID's support for hybrid scenarios is invaluable. It caters to the preferences of employees who still rely on on-premises solutions while leveraging the advantages of the cloud. This flexibility in a hybrid environment is a substantial benefit.

Conditional Access for Enhanced Security:

Conditional access policies, akin to "if-then" scenarios, provide granular control over access conditions. These policies evaluate login attempts based on factors such as user location, device health, and more. This ensures that access is granted only under specific, predefined conditions, significantly bolstering security.

Role-Based Access Control (RBAC):

Entra ID offers a robust RBAC system that allows precise management of access permissions. Custom roles can be created, granting users only the necessary permissions, enhancing security without overexposure.

Cost-Effective Scalability:

The cost-effectiveness of Entra ID is notable. It offers a free option, making it accessible to organizations of various sizes. Premium plans unlock advanced features, such as identity protection and advanced threat detection, providing excellent value for the investment.

Enhanced User Experience:

Entra ID has substantially improved the user experience. Account creation and provisioning are straightforward, even more streamlined than traditional Windows Active Directory. This inclusive process involves licensing, role, and permission configuration, all within a unified interface.

Microsoft Azure Entra ID has significantly enhanced our organization's security, user experience, and efficiency. Its modern authentication, conditional access, and RBAC capabilities, along with its support for hybrid environments, make it a valuable addition to our IT ecosystem. Moreover, the cost-effectiveness of Entra ID and its role in simplifying identity and access management have further solidified its value proposition. Our users are more satisfied than ever, thanks to the improvements brought about by this powerful solution.

The standout features of Microsoft Entra ID, for me, revolve primarily around its robust security measures. As someone deeply invested in cloud security, these aspects have proven to be exceptionally valuable.

Conditional Access Policies: The ability to formulate and enforce conditional access policies is a game-changer. It allows us to implement highly granular access control, considering factors like user location, device health, and authentication methods. This level of flexibility ensures that access to critical resources is granted only under the appropriate circumstances, enhancing our security posture significantly.

Identity Protection: Microsoft Entra ID's identity protection capabilities are commendable. They assist us in safeguarding user identities, reducing the risk of unauthorized access and identity-related security breaches. The peace of mind that comes with knowing our identities are well-protected is invaluable.

Threat Intelligence: Real-time threat intelligence provided by Entra ID equips us with the necessary tools to stay ahead of emerging security threats and vulnerabilities. In a rapidly evolving threat landscape, having this information at our fingertips is indispensable.

These security features, coupled with a user-friendly interface and seamless integration, make Microsoft Entra ID an exhilarating solution for those of us who prioritize cloud security. It not only enhances our security posture but also empowers us to adapt and respond effectively to evolving cybersecurity challenges.

Privileged Identity Management (PIM) Performance: Improvements in the performance and reliability of PIM are crucial. Users occasionally encounter issues where roles are elevated, but the assigned roles do not function as expected. Enhancing the consistency and responsiveness of PIM is essential for a seamless privilege management experience.

Portal Speed and Responsiveness: Addressing occasional slowdowns, particularly on Fridays, within the Azure Entra ID portal is important. Consistent portal performance ensures efficient user access management and administration.

Cross-Tenant Synchronization and Collaboration: Simplifying cross-tenant synchronization and collaboration is essential for organizations working in multi-tenant environments. Enhancements in this area can streamline identity and access management processes across tenants, reducing complexity and improving collaboration.

User Offboarding and SharePoint Permissions: Streamlining the offboarding process for former employees is critical. After disabling or deleting a former employee's account, there should be an automatic mechanism to remove associated permissions in SharePoint. Currently, these permissions often remain in SharePoint as stale entries, requiring manual removal. Automating this process can improve security and reduce administrative overhead.

I have been using Microsoft Entra ID for six and a half years.

The Entra ID system has consistently demonstrated a high level of stability. Throughout our usage, I can't recall a single instance when the service experienced downtime. This underscores Microsoft's commitment to ensuring the continuous functionality of the service for its customers.

The stability of Entra ID is crucial for our operations, and its reliability has greatly contributed to our confidence in the platform. Microsoft's dedication to maintaining a stable environment aligns with the expectations of organizations relying on their services.

In summary, the stability of the Entra ID system has been commendable, and it reflects Microsoft's emphasis on delivering a reliable experience to its users.

Scalability in the context of Entra ID has been a significant advantage, particularly when compared to traditional on-premises solutions. The scalability of Entra ID is dependent on both the hardware and the underlying infrastructure. In the case of on-premises servers, organizations are tasked with maintaining and upgrading the hardware, which can be resource-intensive.

What I've observed with Entra ID is that it offers exceptional scalability and reliability. This scalability is achieved through a combination of factors, including built-in redundancy and automatic updates. Microsoft takes on the responsibility of managing the underlying infrastructure, alleviating the maintenance burden on organizations.

This level of scalability allows us the flexibility to easily scale our resources up or down based on our specific requirements. Whether we need to accommodate growth or adjust resources to optimize costs, Entra ID provides the agility needed to achieve our goals.

In essence, the scalability of Entra ID is of the highest quality, and it's a testament to the benefits of utilizing a cloud solution like Azure. The cloud-based approach simplifies resource management and ensures that we can efficiently adapt to changing demands.

We've encountered occasional issues, and Microsoft's customer service and support have consistently been friendly and responsive. Whenever we've reached out to them, they've promptly assisted us in resolving our problems.

One notable aspect is that Microsoft support typically prefers phone calls or emails for communication. While their support is effective, we've found that using Microsoft Teams for support calls would be much more convenient. Teams provides an efficient and collaborative platform for communication, making it a valuable tool for resolving issues.

This highlights the opportunity for Microsoft to enhance customer support by utilizing Teams for more convenient and efficient interactions.

Positive

The initial setup of Entra ID is remarkably straightforward. The system seamlessly integrates within our existing infrastructure, requiring nothing more than an Azure tenant.

In terms of the migration process, we prioritize quality over quantity. We don't need a large workforce for the migration; instead, we value individuals who possess a clear understanding of their roles and responsibilities. This approach is supported by a well-established product line and effective risk management strategies. Additionally, our past experiences and insights gained from previous projects significantly contribute to our confidence and comprehension of the necessary actions.

In collaboration with our partners, our team consists of five members dedicated to the migration process. Our partners, on the other hand, have a smaller team comprising three individuals providing assistance. This collaborative effort ensures a smooth and efficient transition to Entra ID.

We worked with a Cloud Solution Provider (CSP) with many years of experience with the product to successfully implement Entra ID

Our investment in Entra ID has undoubtedly yielded a significant return. Those familiar with its capabilities and accompanying features are confident in the tangible benefits it brings. In a landscape where cloud advancements have revolutionized IT, Entra ID stands out as a crucial component of our infrastructure.

Without this cloud product and the transformative developments in cloud technology, navigating the IT landscape would be challenging. We'd likely find ourselves exploring various products from different companies, potentially incurring higher costs than our current investment in Entra cloud products.

Therefore, I have full confidence that we've achieved a substantial return on investment through our adoption of Entra ID and other cloud solutions. It's a testament to the value and cost-efficiency that modern cloud technologies offer to organizations.

When it comes to setup cost, pricing, and licensing for Entra ID, I would advise others to carefully assess their organization's specific needs and requirements. It's essential to have a clear understanding of the features and capabilities needed to support your business operations effectively.

Consider the scalability of your organization and how Entra ID aligns with your growth plans. Microsoft offers various licensing options, so it's worth exploring the most suitable licensing model that fits your budget and operational demands.

Additionally, keep in mind that while initial setup costs may vary, the long-term benefits of a secure and efficient identity management solution like Entra ID can significantly outweigh the initial investment. It's an investment in both security and productivity.

Lastly, stay updated with Microsoft's licensing updates and pricing changes to ensure that your organization remains compliant and optimized in terms of cost-effectiveness."

This advice provides a general guideline for organizations considering Entra ID, encouraging them to conduct a thorough evaluation of their needs and resources.

Our organization has a strong Microsoft orientation, which naturally led us to align our infrastructure with Microsoft standards. Entra ID serves as our identity provider, handling crucial processes like onboarding, offboarding, and managing departed employees' accounts and devices.

One challenge we've encountered is dealing with "stale devices" connected to Entra ID when employees have left the company. To address this, we regularly execute scripts to identify and manage both dormant accounts and devices. Compliance policies, especially in countries like Germany, necessitate specific mailbox access rules for departed employees. This involves granting the manager access to the mailbox for three months before archiving it. Deleting the user account isn't an option in such cases.

Entra ID offers a health dashboard that helps us track maintenance activities and pending implementations. Key updates, recommended every three months by Microsoft, are currently performed on a monthly basis to maintain robust security.

As a multinational company and a global workforce, security is paramount. Multifactor authentication is a crucial process for all Entra ID users, given the increasing sophistication of cyber threats. We highly recommend exploring the security features of Entra ID and its integration with Azure Information Protection—a cost-effective, AI-driven solution that enhances security.

Hybrid Cloud

Microsoft Azure

I use Microsoft Entra ID for managing employee onboarding and privileged identity management inside Entra for security. We also use it as an active directory.

The product's valuable features include privileged identity management, least privilege for Zero Trust, the onboarding process for new employees or role changes, and implementing security on identity authentication and authorization. It provides resources for security, which aids in fast employee onboarding.

In the compliance area, the granulation of access to storage accounts or Kubernetes could be improved.

I have used Entra for about one year or maybe two, and it is recently in production.

Some aspects were complex, such as using Microsoft Entra ID in our products and applications. However, Microsoft has a support line that is part of our SLA, which helps resolve any difficulties.

I would rate the support as ten out of ten. They were available to us and worked with us for a day to resolve issues.

Positive

I used Okta Active Directory previously. I use both Okta and Microsoft Entra ID. The reason for moving to Microsoft Entra ID is that it is better for our client applications instead of using another authentication program.

The initial setup was smooth and involved syncing between active directory and Microsoft Entra ID.

In the first and second phases, I handled the deployment alone. The third phase focused on training tier-two technicians.

The ROI improved noticeably, although I do not have exact numbers.

Microsoft Entra ID is not too expensive, and we received a great offer from Microsoft, upgrading to E5 or P2 at a better price.

I rate Microsoft Entra ID an eight out of ten overall.

Hybrid Cloud

Other

We are using Microsoft Entra ID for single sign-on with our hybrid domain environment and for identity management with multi-factor authentication using Microsoft Authenticator. We plan to migrate our whole user base over to Microsoft Authenticator with MFA capabilities, possibly with certificate-based authentication.

We're still testing Entra and having implemented it on the application side. We'll soon start using application proxies to get into our line-of-sight businesses on-prem. 

We follow a least privileged access model, and Entra ID has helped us to avoid overextending access from the administrative side. And we plan also to implement it with devices. Our administrators are more careful when auditing access and ensuring everyone has access. 

We haven't implemented permission identity management, but we plan to use it. Entitlement management and dynamic grouping of Microsoft 365 groups are features I enjoy. From an administrative perspective, we can now manage users from a single pane of glass, which enhances efficiency. MFA will improve the user experience and increase organizational efficiency.

The implementation of other third-party MFA such as Okta or Duo could be improved, even though Duo is integratable. The response from actual support tickets is a bit laggy, and I would like them to be more responsive.

We have been using Microsoft Entra ID for about two years.

Entra's stability is great and consistently meets our expectations.

The scalability is excellent. We can scale Entra up and down as needed efficiently.

Our consultants are excellent and provide consistent help, but there is room for improvement in the responsiveness of actual support tickets.

Positive

We previously used on-prem Active Directory as our solution.

The initial setup was straightforward.

We did it all in house without any additional team.

We go through a reseller, CDW, who walked us step-by-step through the process. The pricing, setup cost, and licensing have been fairly straightforward.

Hybrid Cloud

I work on it to investigate it. I work at a cybersecurity company, so I focus on how the product behaves, particularly how Microsoft Entra ID behaves with group permissions and such.

We work with Microsoft because we're also a security company, so we scan Microsoft Entra ID and then monitor what happens regarding defending against token theft and nation-state attacks.

We are partners with Microsoft. We don't sell Microsoft products; we sell our own product, but we integrate it with Microsoft.

It's simple to create groups or accounts and to add users. There are several options for dynamic groups.

Microsoft Entra ID influences our zero trust model because we need to make sure that we give the right user permissions.

To improve Microsoft Entra ID, it should be made simpler because there is a lot of stuff to do in the platform, which could be reduced to fewer buttons.

I have been using Microsoft Entra ID for two years.

Microsoft Entra ID is pretty stable.

I don't know about scalability, but I assume it is suitable because it is used for huge organizations.

Customer service and technical support for Microsoft Entra ID are very good because I open many tickets with the support and get straight answers. If I don't get an answer, they update me all the time that they will provide an answer, and they work on that.

Positive

Microsoft Entra ID is pretty easy to deploy. The speed of deploying Microsoft Entra ID depends on the organization and its structure, but building new users is very simple.

There is a return on investment when using this platform, though I am uncertain about the specifics.

I haven't observed any problems or changes in the frequency and nature of identity-related security incidents after using Microsoft Entra ID in my company.

I would rate Microsoft Entra ID a nine out of ten.

Entra ID serves as our primary identity security tool. 

Entra ID enables us to implement security easily and effectively. It has built-in integration with all the Microsoft tools, like SharePoint, Outlook, Teams, etc., the condition access we discussed earlier. It's our primary identity security tool. We can't live without Entra ID. 

Using Entra ID has improved our security. Our security score is close to 80 percent, which is a critical metric because that includes everything under the hood. We have continuously improved in the last two or three years. We have implemented many improvements since the pandemic, so the number of incidents has decreased a bit, and automation has been throttled up.

Conditional access and Privileged Identity Management (PIM) are the most valuable features from a security perspective. 

Rule management and permissions need improvements. I have had discussions with product managers about these challenges and sent emails regarding them. Additionally, improvements are needed in the Identity Governance and Administration (IGA) side of things.

I have been working with Entra ID for around six years.

I rate Entra ID 10 out of 10 for stability. I have not encountered any issues.

I rate Entra ID's scalability 10 out of 10. It's great.

Customer service has been very good. I have raised sophisticated queries and received responses within a day.

Positive

I have never used a different solution and have always worked with Entra ID.

I have not personally deployed Microsoft Entra ID. However, I have integrated the solution, and we have worked with integrators to set it up.

The biggest return on investment is the seamless integration with all Microsoft apps and services. If you choose something new and integrate it, it can take a lot of time.

I rate Entra ID eight out of 10. 

Hybrid Cloud

Other

The primary use case for Microsoft Entra ID is authentication, allowing internal employees and guest users to log into our system.

Microsoft Entra ID has simplified central management, including administration and an overview of all logins and user profiles. It simplifies logins, not only for internal users but also for guests. We don't need to manage a lot of party sign-on. It has dramatically decreased phishing and other hacking attempts. 

It has improved our approach to defending against nation-state attacks and token theft by allowing us to enable MFA and other out-of-the-box capabilities easily. We've also reduced complaints and changed user behavior. It takes them some time to get used to it, but we educate them on how to use the built-in security features.   

The most valuable feature for us is the B2C functionality of Microsoft Entra ID, which is essential due to our need for external and internal users to log into our system.

Currently, Microsoft Entra ID meets our needs. I could not think of any areas for improvement or additional features for the next release.

I have used Entra ID for three to four years.

The stability of Microsoft Entra ID is satisfactory.

Microsoft Entra ID is scalable.

I rate Microsoft support eight out of 10. Internally, we have a feedback system for our customer service. While it may not be perfect, there are noticeably fewer customer complaints.

Positive

We did not use a different solution before Microsoft Entra ID. Since we are deeply embedded in the Microsoft ecosystem, it was the natural choice.

The initial setup was not difficult. 

We did not use an integrator, reseller, or consultant for deployment.

I am confident that we have seen a return on investment, but I have not calculated it. Microsoft Entra ID reduces risks and the need to do things manually.

Microsoft's pricing and licensing are difficult to understand. We engage with Microsoft partners regularly, but Microsoft's frequent rebranding complicates the process for us in the industry.

Microsoft Entra ID was a straightforward choice due to our integration within the Microsoft ecosystem.

I would rate Microsoft Entra ID eight out of 10. We are generally satisfied, although understanding the solution fully can be challenging. Once we have the knowledge, implementation becomes easy, but initially, it can be time-consuming.

Public Cloud

Other

The primary use cases for Azure AD include use in projects and deliverables when implementing different solutions like SSPR, multifactor authentication, Conditional Access policies, and fine-graining the controls on end-user machines, devices, and applications. I also use it to sign licenses via different methods, including group-based licensing, direct licensing to individual users, registering applications, and providing CPUs and credentials. Lastly, I use Azure AD for whitelisting external identities and domains for communication between internal and external domains.

Our organization is global, with over nine locations across the world. We have a hybrid environment, which is very complex due to the size of the organization, and we have a varied client base. From a security standpoint, we have a variety of security services and products. 

Azure AD is a one-stop solution where we can manage every aspect of identities, access, and applications via policies across all domains of our organization.

We use the Conditional Access feature to enforce fine-tuned and adaptive access controls. This makes our Zero Trust strategy to verify users more robust, as standard users have limited access, on limited devices, with limited permissions. They can only access the domain on specific machines and must be on the corporate or office network. Access from outside the network isn't possible unless it's from a whitelisted location, and along with MFA, we have a powerful Zero Trust model in place.

Azure AD saves us a lot of time, as we previously used an on-prem legacy solution with poor integrations, which slowed onboarding and other processes. Thanks to the product, we spend approximately 70% less time daily and about 80% less time weekly. That's a big plus. 

The solution helps our organization save money from a cost perspective, and there are several other vital angles to consider. Azure AD is an out-of-the-box product in terms of features and security, which is a reduced cost. Whether an organization requires P1 or P2 licensing is another consideration. Finally, if a company is replacing legacy systems, that's money saved for licensing and maintaining those systems. Some of our clients have seen 30-40% savings, especially those using complete legacy systems and then switching to a cloud environment.   

Azure AD greatly helps user experience, as we can integrate the solution with many services. End-user experience improved, whether staff members try to access resources from mobile or even personal devices. We can fine-tune access control across the enterprise, and that helps us provide a good end-user experience.  

The most valuable features are the Conditional Access policies, SSPR, and MFA. Another good functionality is registering enterprise applications to provide access to external parties. These four features are precious and are the most used across different use cases for various clients and projects.

Azure AD provides a single pane of glass for managing user access; we can assign access permissions to different user accounts based on situational requirements, and helpful security features are available. The solution provides sign-on consistency, and we can configure permissions to enable single sign-on for a particular application or domain. This gives us the flexibility to offer a great user experience.    

The solution gives us a lot of flexibility when it comes to managing all identity and access tasks in our organization. We can manage freshly provisioned identities from scratch, as well as existing identities and apps through the Azure admin center.   

I want better integration between Azure AD and the on-prem environment because there are currently limitations that can hamper employee experience. We use a feature called password writeback, that can be challenging to implement in a hybrid environment. Employees can change their passwords using a self-service password reset (SSPR) feature, which reflects from the cloud to the on-prem identity, but not the other way around. Currently, there is no way to reflect passwords from on-prem identities to the cloud.

There are other similar limitations, such as a cap on the number of identities that can be synchronized in a particular time frame, which can be an issue for large enterprises with 300,000 employees or more.

I've been using the solution for over three years. 

The solution is stable, though there can be issues around synchronization within a vast organization. Performance-wise, Azure AD is a good product.

The scalability is good. 

Microsoft technical support can take a while to resolve. I can get a response in 30 minutes, but the time to resolve is usually more than four hours or over a day. I wonder if the support staff has adequate training and expertise to provide a better service.

Neutral

We previously used on-premises AD and switched to Azure AD because we wanted the benefits associated with cloud-based solutions.

The complexity of the initial setup depends on the deployment; cloud deployments are very straightforward, on-prem implementations are more complex due to the infrastructure, and hybrid deployments are always complex as there are many considerations and assessments to be made.

It is hard to measure ROI with security solutions, but identity is the first point of vulnerability for cyber attacks, so identities must be secure and well-managed. The solution provides this, and that is a worthwhile investment.

Azure AD has four licensing options- free, Office 365 apps, Premium P1, and Premium P2. The free option has a limited number of identities and features, and the Office 365 version comes included in several Office 365 subscriptions. With the P1 and P2 licenses, we get all the freeware features plus additional security features, but these come at a higher price. The base price for P1 and P2 is $6 and $9 per user per month, respectively.

I rate the solution nine out of ten. 

From a security standpoint, we don't have major controls from Azure AD, but we can implement features such as MFA and Conditional Access policies to fine-grain the rules on apps and devices. We can also enforce policies where users have different sign-on requirements for the same account, depending on where they sign in from.  

We used the solution's Conditional Access feature in conjunction with Microsoft Endpoint Manager as it was a requirement for a client-side project. There were some conflicts between the two tools regarding device management, so we had to select a different approach. Conditional Access reduces the risk of unpatched devices connecting to our corporate network because it triggers the policy stating only compliant devices can log in and access resources.

Clients use different deployment methods for Azure AD, but most implement them within a hybrid environment. A few organizations are entirely cloud and SaaS-based, as they don't want the maintenance and management associated with on-prem infrastructure and prefer the security offered by the cloud.

My advice to those looking to implement the solution is to consider their primary goal and use case for the product and how they want to implement it. If you have a hybrid environment, many details about how Azure AD can fit into the environment must be figured out beforehand. Consider the costs and how the solution will help from a security standpoint over the next five to ten years, from all perspectives, including networking, security, systems management, and maintenance.

Hybrid Cloud

Microsoft Azure

The primary use case is for single sign-on, service provisioning, and security features, including multi-factor authentication.

We have been integrating network services and authentication services such as PIN Identity and Entra ID, which helps in providing a consolidated security solution.

The main valuable feature is the integration into a single console, which includes authentication service and endpoint security. This consolidation of security features in one place is extremely beneficial.

The cost is one area that needs improvement. Also, there is a need for better transformation support from on-premises Active Directory policies to the cloud, as Entra ID doesn't cover this sufficiently yet. The flexibility of the security policies could also be improved.

I have been working with EntraID, previously known as Azure ID, for about three or four years.

The stability of the solution is good with a rating of eight out of ten.

Entra ID is pretty scalable with a rating of eight out of ten.

Sometimes there is a late reply, but overall, it's good. I would rate Microsoft technical support as a seven out of ten.

Neutral

Customers often consider alternatives like Okta or PingID if Entra ID does not suit their requirements.

The initial setup of Entra ID is simple.

We work as integrators, focusing on integrating network services and authentication services like Entra ID.

I'd rate the solution eight out of ten.