Every organization around the world relies on complex tasks and services for automation and scalability. Many of these services need to run in the context of a workload identity without user supervision, which presents an extra security challenge for enterprises. A workload identity is an identity that allows an application or service to access secure resources, without the presence of a user. These workload identities differ from traditional user accounts as they:
- Cannot perform multi-factor authentication
- Often have no formal lifecycle process
- Need to store their credentials or secrets somewhere
These differences make workload identities harder to manage and put them at higher risk for compromise.
The new Microsoft Entra Workload Identities are a collection of features focused on protecting workloads that need to authenticate against Azure Active Directory to execute privileged or sensitive tasks. Workload Identity features can protect all apps, whether it’s an application that was bought off-the-shelf, developed in-house, or simply configured in someone’s tenant. Please check out the “Managing, governing, and securing identities for apps and services” post to learn more.
I’m excited to announce that over the next four weeks, the Identity Advocacy team is closely collaborating with many teams across Microsoft to focus on a series of activities with topics geared toward helping enterprises improve their security stature with Workload Identities. The goal is to help you implement the appropriate features to closely secure and monitor Workload Identities with the following scheduled activities:
Introduction to Microsoft Entra Workload Identities
How can Microsoft Entra Workload Identity help your organization?
Workload Identity for Developers
Learn how Nedscaper built a robust solution around Workload Identities.
Workload Identities Insights – The must have tool for every IT Pro.
Learn about Workload Identity with this free, live, hands-on workshop. Register here.
Try it out for yourself! Start today by following this link to get started and quickly protect your Workload Identities.
Learn more about Workload Identities in the process!
As part of our Workload Identity SWARM program, you also have a unique opportunity to complete the free, hands-on workshop and learn how to protect your Managed Identities and Application Accounts in your tenant. Join us for the activities that work best for you! Participate live on the Microsoft 425Show Twitch channel or watch on demand on the 425Show YouTube channel to learn from Microsoft and community experts. Finally, make sure to check the 425Show website for more news and updates.
Learn more about Microsoft identity: