We started our hybrid blog series by introducing a new identity mindset where I described the benefits of making identity your organization’s primary control plane—increased user productivity, improved security, reduced help desk costs, and enhanced organizational control—to name a few.
Federating your applications with Azure Active Directory (AD) is an important step on your journey to creating your identity control plane. This step enables you to use the single sign-on, security, and management capabilities of Azure AD to give you a consistent and powerful system for governing and securing apps.
We also know it can be a lot of work to build an application migration plan when you have a complex environment. To make it easier, today we are introducing a new set of end-to-end guidance and tools that will get you going in no time flat.
Today’s blog, guest authored by Adam Steenwyk, summarizes why it’s important and valuable to move federation to the cloud and how you can get started on that journey. Adam helps build the administrative and user experiences that you use every day—I hope you find his blog useful!
As always, we’d love to hear any feedback or suggestions you have.
Alex Simons (Twitter: @alex_a_simons)
Corporate VP of Program Management
Microsoft Identity Division
#4 Federate any app with Azure Active Directory (AD)
Today, organizations require a slew of applications for users to get their work done. Users access these apps from a range of devices and locations. New apps are being developed, added, and retired every day. We know you need to expand access to more users, more rapidly while improving your compliance posture and reducing costs.
Benefits of Azure AD for Cloud Apps Federation
Many of you have on-premises federation solutions that met yesterday’s requirements, but don’t make it easy for you to meet your business needs in today’s rapidly evolving economy. You told us that it’s hard to be agile when working with old systems, and that getting new apps onboarded takes a long time.
Responding to your changing app landscape requires agility. Alex illustrated a great example of how Azure AD helped one of our largest customers achieve this agility. At a recent onsite, the customer shared that by moving their app’s federation provider from an on-premises solution to Azure AD they cut down their average SaaS app onboarding time from 60 days to 3 days.
But Azure AD enables more than just increased agility. Azure AD tools can also help you achieve other critical business goals including:
- Reduce dependencies on on-premises identity and access management systems like AD FS by migrating your authentication to Azure AD with simple-to-set-up user sign-in options.
- Reduce or eliminate the need for your DMZ by extending access to on-premises applications securely with the Azure AD Application Proxy.
- Improve access security using conditional access policies, Multi-Factor Authentication, and real-time risk-based Identity Protection.
- Protect high-privilege accounts with just-in-time admin access and Privileged Identity Management.
- Stop worrying about availability and reliability by leveraging the multi-tenant, geo-distributed, high availability design of Azure AD for mission critical application workloads.
- Improve user experience through seamless and secure access to any application, from any device and any location.
- Enable delegation and self-service by enabling self-service identity and access management capabilities, such as password reset, group management, and application access.
- Increase administrative efficiency through automated provisioning of user accounts to all your favorite apps.
- Empower developers by building on the Azure AD identity platform with modern authentication and authorization protocols and APIs.
- Empower partners with easy access to apps and other cloud resources with Azure AD B2B collaboration.
Addressing compliance and governance
- Meet compliance requirements by monitoring user access to applications and associated data using integrated audit tools and APIs.
- Stay compliant with built-in access reviews and identity governance technologies.
Common questions surrounding apps migration
When it comes to thinking about apps migration in your organization, we understand there are a lot of variables to consider, and tons of questions that come up along the way. Some common questions we heard include:
- How many apps are in scope of my migration?
- How can I generate a prioritized list of apps to start with?
- How should I migrate a specific, complicated app?
- How can I communicate and transition my users to give them the best possible experience?
- How can I best gain business buy-in with my plans?
- How do I demonstrate to my business the success of my project?
- What tools can I use to operationalize apps management over time?
Previously, you would need to answer these questions, define a plan, and then execute that plan. But now, we’ve done the heavy lifting for you!
How to get started with apps migration
We’re excited to announce a new apps migration white paper, a set of tools that helps you discover apps on AD FS and transition them to Azure AD, and apps-specific deployment plans that you can use to get started right away. We developed this content in collaboration with our customers to help you through the four phases of the apps migration process:
All these tools can be found at: Resources for migrating applications to Azure AD. We’ll constantly add more solution guides, tools, and deployment plans as we learn from you, so keep coming back to check out what we’ve been up to! As always, we’d love to hear any feedback or suggestions you have. Please let us know what you think in the comments below or send us an email at firstname.lastname@example.org.
Adam Steenwyk (@ajamess)
Senior PM Manager