Microsoft Introduces New Entra Recommendations to Fortify Application Defenses

Network Security

Key Takeaways:

  • Microsoft has announced new Entra recommendations that provide actionable steps to mitigate security risks.
  • The Microsoft Entra recommendations feature allows organizations to remove unused credentials from applications to prevent unauthorized access.
  • A new Microsoft Entra recommendation helps to identify applications utilizing Azure AD Graph APIs.

Microsoft has announced several new and upcoming recommendations for Entra ID customers. These recommendations enable organizations to improve the health and security of their applications.

The Microsoft Entra recommendations feature enables customers to track all settings and resources within their organization. This feature simplifies the monitoring of the tenant’s status, ensuring it remains secure and healthy.

The first new Microsoft Entra recommendation enables administrators to remove any unused credentials from applications. An application credential refers to a piece of information used by an application to authenticate itself when interacting with other apps or services. This new recommendation helps to prevent any unauthorized access to sensitive resources in case an application’s credential is compromised and enhances the overall security posture of the system.

Additionally, the second Entra recommendation highlights expiring application and service principal credentials to minimize the risk of downtime. Another new recommendation focuses on removing unused applications to mitigate the potential for hackers to compromise sensitive corporate data.

Microsoft has also introduced a new recommendation to identify applications and service principals that have recently utilized Azure AD Graph APIs. Microsoft announced its plans to phase out the Azure AD Graph service in 2020, advising users to transition service principals to Microsoft Graph.

Microsoft's Introduces New Entra Recommendations to Fortify Application Defenses
Nw Microsoft Entra recommendations (Image credits: Microsoft)

Changes to Identity Secure Score

Microsoft has unveiled upcoming updates for Identity Secure Score, a feature designed to help Entra ID customers assess their identity security posture and receive actionable improvement recommendations. Among these updates is a new Secure Score recommendation aimed at helping organizations protect against insider risks. It allows the implementation of a Conditional Access policy to restrict access to corporate resources for high-risk internal users.

Going forward, Microsoft plans to add support for email notifications and delegation capabilities to other roles. Additionally, the company will provide more actionable recommendations to help IT administrators promptly address security issues within enterprise environments.