课程: Microsoft Security Essentials: Concepts, Solutions, and AI-Powered Protection

Identity and access security with Microsoft Entra - Microsoft Security Copilot教程

课程: Microsoft Security Essentials: Concepts, Solutions, and AI-Powered Protection

Identity and access security with Microsoft Entra

- [Instructor] Identity and access security is now the centerpiece of modern security serving as the foundation for models like zero trust. First, let's talk about some key concepts of identity and access management, or IAM. The goal of IAM is to control access. Basically, it involves a subject and an object. The subject wants to access the object, and we need to control access to ensure that the right users have the right permissions to access the right resources. There's a general framework for identity and access management called AAA, which stands for authentication, authorization and accounting. Here's what the framework looks like: to access the resources we need identity, something that identifies a subject, for example, username or object ID; authentication, a process to verify who you are using a password or multifactor authentication; authorization, a process to check what resources you can access and what kind of actions you can take; finally, you can access your resources. In addition, we need an accounting process to track who did what, where, and when. Microsoft Entra is a product family from Microsoft designed to secure identity and access. Microsoft Entra enables organizations to establish zero trust through robust identity and access management, secure workforce access using identity governance, identity protection, and a unified access control, secure customer and partner access with external identities, and secure access across multi-cloud environments. Microsoft Entra includes various products to implement these capabilities, such as Microsoft Entra ID, formerly Azure Active Directory, this is a cloud-based identity and access management solution; and Microsoft Entra Identity Governance provides functions such as entitlement management, access reviews, and privileged identity management. Now let's take a quick tour of Microsoft Entra. Here's an Microsoft Entra Admin Center. Under Identity, you can manage users, manage groups, manage devices, and manage applications. Under Protection, you can access identity protection, set up conditional access, review identity secure score, and configure authentication methods. Under Identity Governance, you can perform access reviews, manage privileged identities. Also, you can access the capabilities such as verify the ID, permissions management, and Global Secure Access.

内容