Microsoft Entra
Are you looking for information about Microsoft Entra? In this archive you will find all our posts about Microsoft Entra.
-
Microsoft Entra Backup and Recovery: Prerequisites, Backup, and Restore in Detail
Microsoft Entra Backup and Recovery is a new backup and recovery capability for directory objects that is natively integrated into Microsoft Entra. Supported objects are automatically backed up once per day and retained for five days (backup history). Microsoft Entra Backup and Recovery is currently in preview and helps restore identity objects, policies, and application objects to a previously known state after unintended or unwanted changes.
-
Microsoft Entra Private Access: Secure Access for External Users to Internal Resources
Connecting external users to internal resources has traditionally been implemented using VPN. While this approach provides network connectivity, it does not consistently align with Zero Trust principles. With the external user access capability in Microsoft Entra Global Secure Access, external identities can now be integrated into existing Microsoft Entra Private Access configurations. Microsoft Entra Private Access External Users authenticate with their own identity and device and intentionally switch to the resource tenant within the Global Secure Access Client. During this tenant switch, a Private Access tunnel is established that restricts connectivity exclusively to explicitly published internal applications.
-
Microsoft Entra Private Access BYOD: Access Internal Resources with Entra Registered Devices
Until now, access to internal resources through Microsoft Entra Private Access was limited to managed devices that were either Microsoft Entra joined or Microsoft Entra hybrid joined. With the introduction of Microsoft Entra Private Access BYOD support, this limitation has been removed. Microsoft Entra registered devices can now access internal resources through Microsoft Entra Private Access, extending secure access to scenarios beyond fully managed devices.
-
Intelligent Local Access in Microsoft Entra Global Secure Access
Intelligent Local Access (ILA) addresses a core limitation of Microsoft Entra Global Secure Access: ensuring that local network traffic is handled locally. By default, Microsoft Entra Global Secure Access forwards traffic based on configured traffic forwarding profiles through the cloud-based Security Service Edge (SSE), even when the destination resides within the local network. This approach guarantees that security policies and access controls are enforced consistently at all times. As a result, local resources such as file shares or applications are routed through the cloud-based Security Service Edge (SSE), despite a direct local connection being available. The extended network path introduces additional latency and negatively impacts overall access performance.
-
Microsoft Entra Access Reviews: Governance for User and Guest Access
In Microsoft Entra ID, user and guest access evolves incrementally over time, for example as a result of role changes, project assignments or temporary external collaboration. Access rights that are granted once often remain in place, even when the original business or organizational requirement no longer exists. As a result, common countermeasures such as manual access reviews, follow-ups with group owners or occasional spot checks provide only limited, point-in-time transparency and do not enable a consistent and regular review of access. Decisions are often not documented consistently and are therefore difficult to audit retrospectively.