Let’s discuss the top 50 features of MS Entra, including AI-driven identity security and the general availability of the Entra Suite and SSE solution. In 2024, Microsoft introduced a range of product innovations and security improvements. More than 50 features were launched that year.
All the features were launched to enhance security, streamline access management, and improve user experience. You may be familiar with some features Entra introduced in 2024. Microsoft focused on security features for Entra last year.
This post discusses some notable Entra features from the last year. They were shaped by rising cyber threats, customer feedback, and market needs. Here, we can quickly recap those features.
Here are the top 5 features of Microsoft Entra in 2024: AI-driven identity security, general availability of Microsoft Entra Suite, secure and customizable external identities’ access to applications, Face Check, and more.
Top 50 Features of MS Entra AI-Driven Identity Security and the General Availability of Entra Suite and SSE Solution
The top 50 Features of MS Entra are designed to help organizations better protect their digital estate, ensure secure access, and improve their overall security posture. Let’s review all 50 features of MS Entra together.
AI-driven Identity Security
AI-driven Identity Security is a part of Microsoft Entra. Microsoft introduced this feature at the Ignite 2024 event as a preview of Microsoft Security Copilot in the Microsoft Entra admin center.
Identity admins now get AI-driven summaries of identity context and insights for handling security incidents, enhancing protection against compromise. Tasks like resolving identity risks and sign-in issues are sped up within the admin center using the embedded experience.
Microsoft Entra Suite General Availability
Microsoft Entra Suite is now generally available. It provides a complete cloud-based solution for workforce access. It combines identity and network access to secure employee access to any cloud or on-premises application and resource from any location, consistently enforce least-privilege access, and improve the employee experience.
Microsoft’s Security Service Edge
Microsoft’s Security Service Edge (SSE) is the combined solution of Microsoft Entra products. It includes Microsoft Entra Private Access, Microsoft Entra Internet Access, and the SaaS security-focused cloud access security broker (CASB) Microsoft Defender for Cloud Apps. This cloud-delivered, identity-centric networking model transforms how you secure access.
Secure and Customize External Identities Access to Applications
Microsoft Entra External ID is the developer-friendly customer identity access management (CIAM) solution for securing and customizing external identities’ access to applications. External ID makes secure and customizable CIAM simple when building applications for partners, business customers, or consumers.
Face Check
Face Check, a privacy-preserving facial-matching feature for high-assurance identity verification, is now generally available as the first premium capability of Microsoft Entra Verified ID.
Other Features of Microsoft Entra
The sections above covered some of Entra’s features from last year. Many other features related to Zero Trust, passwordless authentication, identity estate, product updates, tenant health, and more are available in Entra. The table below shows them.
Zero Trust | Passwordless Authentication | Identity Estate | Product Update | Tenant Health and more | Certificate-based Authentication | SASE and IDM |
---|---|---|---|---|---|---|
Detect and defend against password spray attacks in real time with Microsoft Entra ID Protection and reduce remediation from hours to seconds. | Neutralize phishing attempts with passkeys through device-bound passkey support in Microsoft Authenticator for iOS and Android. | The ability to securely interact with users across your organization of multiple tenants and automatically provision and manage those users across your tenants using Multitenant organizations in Microsoft Entra ID. | This new feature offers a centralized view of Microsoft Entra product updates, with details on public previews, recent general availability releases, and change announcements such as deprecations, breaking changes, and Microsoft-managed policies. | Health monitoring, which provides helpful visuals of trends and totals for various sign-in types to make it easier to investigate the ongoing health of key scenarios. | Certificate Revocation List (CRL) validation fail safe, which lets admins strengthen security by failing CBA if the issuing certificate authority (CA) has no Certificate Revocation List (CRL). | Microsoft partners with leading SD-WAN and connectivity providers to reshape secure branch connectivity by uniting its Security Service Edge (SSE) solution with best-in-class connectivity, streamlining the journey toward a unified SASE architecture. |
Entra ID Protection to protect against anomalous graph usage, token theft, and attacker-in-the-middle (AitM) attacks. | The ability to delete passwords and use a passkey for Microsoft Consumer Accounts (MSA). | Move to cloud authentication with the AD FS migration tool, which helps identify which applications are capable of being migrated and assess their compatibility. | License utilization insights, which help you optimize your Microsoft Entra licenses, as well as stay compliant by getting insights into the current usage. | Enhanced PKI-based certificate authority (CA) store, which removes any current size limitation and supports issuer hints at each CA level. | SAP partners with Microsoft, encouraging SAP Identity Management (IDM) customers to migrate to Microsoft Entra as support for SAP IDM ends, enabling enhanced integration for a comprehensive identity and access governance framework. | |
On-premises password changes can now reset user risk, enabling hybrid customers to apply risk-based Conditional Access policies requiring password remediation. | Support for passkey (FIDO2) authentication in brokered Microsoft apps on Android that now allows users to sign into apps like Teams and Outlook using a FIDO2 security key or passkey. | The ability to build visually appealing, pixel-perfect authentication screens that seamlessly blend into your app’s interface using the native authentication for External ID. | Support for username, affinity bindings, policy rules, and advanced CBA options in Conditional Access. | |||
Enhance the detection and automatic mitigation of Insider threats using insider risk condition in Conditional Access. | Admin provisioning of FIDO2 security keys (passkeys) on behalf of users, which provides secure and seamless authentication from day one. | Bicep templates now provide declarative infrastructure-as-code (IaC) capabilities for Microsoft Graph resources, allowing you to define and deploy tenant infrastructure like Microsoft Entra ID groups or applications. | Allowing access to specific resources based on the certificate Issuer or Policy Object Identifiers (OIDs) properties. | |||
The Entra ID Protection dashboard, which provides key metrics, visuals, and recommendations to enhance your tenant’s security posture. | Expanded self-service request flows, which now enable requests on behalf of employees, ensuring timely access to resources and boosting productivity. | Updates to FIPS 140 compliance for Microsoft Authenticator help federal agencies meet the requirements of Executive Order (EO) 14028 and healthcare organizations with Electronic Prescriptions for Controlled Substances (EPCS). | ||||
Requiring multifactor authentication (MFA) for users accessing admin portals like Entra admin center can prevent over 99.2% of account compromise attempts. | Using confidential HR data stored in custom security attributes, along with other attributes, now helps define workflow scopes in Lifecycle Workflows and automate joiner, mover, and leaver scenarios. | Identity Governance for government updates, in which Microsoft Entra ID Governance is available for federal agencies, state and local governments, and government contractors in the US Government Community Cloud (GCC), GCC-High, and Department of Defense cloud environments. | ||||
Microsoft-managed Conditional Access policies now better secure your resources and data by adapting to usage patterns, risks, and existing policies, reducing your effort. | Simplification of enabling, disabling, and deleting accounts in Microsoft Entra with Lifecycle Workflows, ensuring seamless offboarding after a retention period. | |||||
To enhance baseline security, the 14-day grace period for skipping MFA registration with security defaults is ending, as MFA blocks over 99.2% of identity-based attacks. | Monitor workflow health and gain insights in Lifecycle Workflows, including viewing processing data across workflows, tasks, and categories. | |||||
External authentication methods in Microsoft Entra ID now let you use your preferred MFA solution while leveraging features like Conditional Access and Identity Protection. | Significant updates to the Sign-ins workbook make it a crucial tool for organizations transitioning from Azure AD Authentication Libraries (ADAL) to Microsoft Authentication Libraries (MSAL). | |||||
Integration of Microsoft Entra Permissions Management with Microsoft Defender for Cloud (MDC) streamlines access and permission insights for other cloud resources through a unified interface. | Updates to the Microsoft Entra PowerShell module, a high-quality and scenario-focused tool designed to streamline management and automation for Microsoft Entra products. | |||||
Addition of new Entra recommendations, like ‘Remove unused applications’ and ‘Renew expiring application credentials,’ to improve application health and security. | The ability to perform security analysis, threat hunting, and monitor application activity in your tenant using Microsoft Graph activity logs. | |||||
Requiring interactive reauthentication before accessing critical applications and taking sensitive actions using Conditional Access. | Improvements to make usage and management of Mac devices more seamless and secure with the platform SSO. | |||||
Quick Microsoft Entra Verified ID setup, which removes several configuration steps an admin needs to complete with a single select on a Get started button. | Provision security groups to Active Directory and easily govern on-premises applications (Kerberos apps) using Microsoft Entra ID Governance. | |||||
Effectively manage administrative users and groups using dynamic rules. | ||||||
Enhanced support for PIM-enabled Groups in Microsoft Entra Permissions Management. | ||||||
Custom authentication extensions now allow you to customize the authentication experiences by integrating with external systems. | ||||||
Improved resiliency for workload identity authentication with 99.99% service-level promise. |
Resource
Microsoft Entra: Top 50 features of 2024
Author
Anoop C Nair has been a Microsoft MVP for 10 consecutive years from 2015 onwards. He is a Workplace Solution Architect with 22+ years of experience in Workplace technologies. He is a Blogger, Speaker, and Local User Group Community leader. His primary focus is on Device Management technologies like SCCM and Intune. He writes about technologies like Intune, SCCM, Windows, Cloud PC, Entra, Microsoft Security, Career, etc.