Introduction of a central cloud-based authentication
During a working day, a normal user in most companies accesses countless applications and resources and has to juggle different identities in many cases. It makes no sense to leave this task to the user himself, neither from a security nor a convenience point of view. In the best case, this is done with a password safe; in the worst case, the familiar sticky note is stuck to the monitor. IT departments are faced with the challenge of preventing this, providing a central solution and offering as much flexibility as possible to support all applications.
Particularly for reasons of harmonization, it is important to set only one central instance here and to make this the company’s standard, whether it is an on-premises service or a cloud solution. If the company already relies heavily on Microsoft products, then Azure Active Directory (AD) is the ideal successor to the “classic” AD: Modern authentication based on federation technologies, smooth transition from AD and necessary prerequisite for all products from the Microsoft 365 portfolio are just a few advantages. In addition, there is also the possibility of using other SaaS products from Microsoft in the future, e.g. from the security area, without building up your own infrastructure.
Clear application strategy
However, this approach must also be accompanied by a clear application strategy and governance. The 5 Rs (retire, replace, retain, rehost, reenvision) are helpful in assessing what needs to be done and the cost-benefit ratio. Especially with business applications and their longevity, today’s decisions shape the application landscape in 5 to 10 years.
The resulting advantages are:
- Central authentication instance
- True enterprise single sign-on
- Secure application authentication strategy
- Single identity strategy
- Readiness for B2B and B2C scenarios
- Future-oriented cloud & authentication strategy