Microsoft has announced the general availability of its Entra Workload Identities service. The new solution is designed to manage identity and access for software workloads and Certificate-based Authentication.
A workload identity is an identity that allows an application or service principles to access other services and resources. However, it’s a bit challenging to secure workload identities as compared to user identities. For instance, workloads identities can’t perform multi-factor authentication (MFA). Moreover, organizations have no formal process for managing access to resources and there is a higher potential for leaked credentials.
Microsoft notes that these challenges make it harder for IT admins to manage workload identities. As workload identities are facing an increasing number of cyber attacks, Microsoft is extending its capabilities to secure these workloads.
Microsoft Entra Workload Identities is an identity and access management service that offers security controls for applications and services and helps manage their lifecycle. The key capabilities included in the Microsoft Entra Workload Identities solution include conditional access, identity protection, and access reviews.
“With Microsoft Entra Workload Identities, you can apply enhanced security to your workload identities by implementing conditional access, containing threats proactively, and getting more insight into workload identities lifecycles,” Microsoft explained.
The conditional access feature lets IT admins configure location or risk-based policies for workload identities. Moreover, the identity protection feature helps to track compromised credentials, suspicious sign-in attempts, and changes to accounts. It’s also possible to create access reviews for workload identities.
Additionally, Microsoft plans to release a new App Health Recommendations feature later this month. It will allow administrators to view insights such as expiring credentials as well as unused apps and credentials.
Microsoft Entra Workload Identities is available as a standalone solution and it’s currently priced at $3 per workload identity per month. Microsoft is offering a free 90-day trial of the service and you can learn more about how to get your organization on board on this page.