Microsoft continues its product development by launching the new Entra suite for security services and supporting passwordless authentication. Entra is the name of the new group of services that the Redmond company has created for its customers . The aim is to ensure the security of companies without limiting access to users, even to resources hosted on the cloud. A few weeks ago, Microsoft presented joint work with Apple and Google to develop passwordless authentication technology, based on the work of the Fido Alliance.
Microsoft Enter, the new suite of security services
Microsoft has decided to increase its commitment on the cybersecurity front especially after the pandemic that has made the boundaries between the corporate and domestic world much more blurred. In fact, it happens more and more often that the two environments cross each other due to passwords mistakenly shared between them or for the use of private services on the company computer. The risks of infection, therefore, are extremely greater and defending the company border becomes increasingly tiring.
Here is Microsoft introduced Entra : for example, thanks to authentication with Azure Active Directory and two new categories of products Cloud Infrastructure Entitlement Management (CIEM) and Decentralized Identity. Working together they try to defend the identities of the users and the authentication process, with identity theft being one of the most widespread digital crimes.
Microsoft has focused heavily on integrating heterogeneous environments by ensuring identity protection and verification in hybrid and multicloud environments with a single user experience for the end user. Furthermore, Entra is able to verify various types of identities and to protect and manage access to corporate content.
The commitment to the development of passwordless technology
The FIDO Alliance was born in 2012 with the aim of bridging the lack of interoperability between existing strong authentication systems. Microsoft, Apple and Google recently announced joint research work with the alliance with the aim of improving authentication processes and finally saying goodbye to the use of complex passwords. As it is well known, the password is very often a crucial node in the security of information systems, being difficult to remember and very often not kept safe.
The functioning of the authentication without password is based on the smartphone, making it more and more an extension of our person and our physical characteristics. In fact, among the authentication methods the use of facial recognition, the tracing of particular drawings with a finger or the typing of a PIN could find space. At first glance, nothing new except that the smartphone would be able to completely bypass the use of the password.
At the base is the FIDO standard, which thanks to the public key cryptography technique is able to guarantee both two-factor authentication and passwordless authentication. A user's smartphone would be associated with a passkey and authentication with websites could only take place in the case of an unlocked smartphone . What if we lose our dear phone? No problem because cloud backup would make us resilient even to this eventuality.
Unfortunately, at the moment there has been only one announcement and nothing really operational and it will probably be necessary to wait until next year to see something concrete in place. In the meantime, we are closely monitoring the development of increasingly advanced and hopefully lower cost security products.
The article The new suite of Microsoft Enter security services was written on: Tech CuE | Close-up Engineering .