Entra Identity Innovations and Partner Solutions for Government
Digital Identity best practices for securing Azure Government Cloud services.
The Entra Identity suite has added new features for secure access management, identity verification, and Zero Trust security for cloud and on-premises resources.
Jarred Boone, Identity Security Senior Product Manager, explains how Entra can unify secure and engaging experiences across all external identities, including customers, partners, citizens, and others, within a single, integrated platform.
The new Microsoft Entra Suite integrates five capabilities: Private Access, Internet Access, ID Protection, ID Governance, and Face Check, which is part of Verified ID Premium and included with the suite.
With these capabilities, you can streamline user onboarding, enhance security with automated workflows, and protect against threats using Conditional Access policies. See how to reduce security gaps, block lateral attacks, and replace legacy VPNs, ensuring efficient and secure access to necessary resources.
US Government Digital Identity
To map these innovations to public sector requirements, we can review a number of key policy developments.
Recently the US Senate passed the Improving Digital Identity Act, a bill to establish a task force within the Executive Office of the President to coordinate a government-wide effort for promoting digital identity credentials (e.g., electronic driver’s licenses and birth certificates) for use in the public and private sectors.
Identity is one component of the US Government's overall cybersecurity strategy. NIST released version 2.0 of its Cybersecurity Framework, of which one pillar is its IDAM Roadmap, covering a diverse array of projects including biometric technology evaluation, Mobile Driver's License, and fraud detection using Privacy Enhancing Technology.
FICAM is the federal government's implementation of Identity, Credential, and Access Management (ICAM), a core component of the Identity pillar in its zero trust architecture.
FICAM stipulates best practices like FIDO2 and phishing-resistant authentication. Initiatives to encourage adoption include a recent White House-hosted 'Multifactor Authentication (MFA) Modernization Symposium', intended to educate sector executives on the need for phishing-resistant MFA.
Azure Identity for Government – Partner Showcase
Microsoft tailors its Cloud and Identity services to meet these specific needs. Examples include setting up phishing-resistant multi-factor authentication, and new Entra provisioning APIs that let organizations provision FIDO2 security keys (passkeys) on behalf of users when onboarding employees, a key phishing-resistant method.
This is one component of an overall Azure suite engineered to meet Government requirements for national security, implementing NIST-defined practices for Zero Trust security and tailoring services like Microsoft 365 for 'GCC High', which is designed to meet various Federal data security regulations, including CMMC and DFARS 7012.
Entra for Government configures the Identity suite for deployment into these Government Cloud environments, and Partners then further augment and extend this capability:
| Company | Capabilities |
| --- | --- |
| Axiad | Axiad Cloud offers the only FedRAMP, cloud-native phishing-resistant authentication service that supports both FIDO2 and PKI as specified by CISA and NIST, and is the ideal complement to an organization's Microsoft Entra ID investment. |
| Hypr | The Hypr integration for Entra seamlessly integrates Microsoft-validated, FIDO Certified device-bound passkeys, enabling you to deploy phishing-resistant MFA across your organization, from desktop to cloud, ensuring your authentication meets directives from CISA and OMB. |
| Condatis | Condatis specializes in the Entra suite, offering solutions for Government Citizen Identity, deployed for customers like Defra and RMIT. |
| Idemia | Idemia has integrated with Entra to provide liveness and document verification technology for Microsoft Entra Verified ID. The company provides public sector Identity solutions such as automated passenger gates for Singapore's Changi airport. |
| Nerdio | Nerdio has announced Multi Entra ID tenant management for Azure Virtual Desktop, for customers who maintain multiple Entra ID tenants through use of GCC High. |