Posted 4.11.19
by Owen
What is Azure Active Directory (AAD)?

Managing customer and employee information properly can be a daunting task for any organization, and deciding whether that information should be kept on-premises or in the cloud even more so. Active Directory (AD) is one identity management tool that can help businesses in this respect. AD has changed significantly since its inception, which we'll talk about below.

In the olden days of Microsoft Windows Server AD, you had a simple on-premises repository that stored a limited amount of customer and/or employee information. With the advance of the public cloud, specifically Azure, the ability to scale based on company growth became a reality. Microsoft responded to the need for scalability by building Azure Active Directory.

Why have AAD?

It's impossible to achieve any kind of meaningful scale without the ability to scale your identity management tool as well. Internal growth might mean more admin credentials to keep track of, and external growth means more customers to manage. Proper identity management is critical to controlling the security and efficiency of data: when the right roles and permissions are assigned to the right people, you can secure applications, ensure compliance goals are met and cut costs.

Azure AD also supports several open security and identity protocols such as OAuth 2.0, which makes it possible to integrate with third-party identity managers such as Facebook, Google and Apple. This integration allows Azure to potentially provide some valuable insights into your customer base. For example, if you notice that a majority of customers use Facebook to access your application, you may want to consider Facebook ads to reach those customers further.

The great part about Azure AD is that it can be connected in a few different ways. It already offers single sign-on across all of Microsoft's online business services (such as Office 365) but also allows access to thousands of popular SaaS applications such as Salesforce, Dropbox, and Google Apps. In a hybrid environment, it can also be integrated with existing on-prem resources to let organizations manage access to cloud-based applications through their on-prem environment.

For an extra layer of security, Azure AD also offers native support for multi-factor authentication when it comes to accessing your applications. This support is an additional (but small) cost.

If you're debating between scalability and control as the most important factor for your AD, you'll find that Azure AD is friendlier towards scalability. Because it is cloud-based, it's extremely flexible in accounting for large internal or external company growth. If you need to implement regulatory policies and security controls and can sacrifice some scalability, an on-prem AD might be a better option. If you have a hybrid environment, you can use AD Connect to sync your on-prem AD to Azure, and AD Sync to keep those directories in sync, all with a single sign-on.

Active Directory is an important component for any successful business. If you need a repository that can quickly scale to accommodate new growth, then Azure Active Directory can help you achieve that scale. The identity management features it offers can also help organizations properly secure their applications and ensure regulatory compliance, all while cutting costs.

Need help managing your Azure environment, including Active Directory? Otava can help. Contact us today to get started!