The threat landscape is evolving rapidly, with identity-related breaches being the most common type of cyberattack. According to Deloitte, 91% of all cyberattacks begin with a phishing email to an unsuspecting victim, and 32% of all successful breaches involve phishing techniques. This reality highlights the critical need for robust identity protection mechanisms in any digital strategy.

Historically, users of Microsoft Entra ID have leveraged its strong Conditional Access capabilities to secure their digital environments. These features have provided a solid foundation in a landscape where security needs are continually evolving. To further enhance the robust security framework, Microsoft has extended its capabilities with the introduction of the External Authentication Methods (EAM) capability within Microsoft Entra ID. This strategic innovation builds on the existing strengths of the Microsoft ecosystem. It empowers admins to choose their preferred authenticator, even if it’s not from Microsoft. This ensures a more integrated and comprehensive approach to authentication and identity management.

This new feature enhances security by integrating with Entrust IDaaS to provide high assurance multi-factor authentication (MFA) systems. This integration not only addresses the pressing challenges of account takeover (ATO) attacks but also strengthens the overall security posture without disrupting user experience or operational efficiency.

Natee Pretikul, Principal Product Management Lead at Microsoft Security, says about the advancement: “We’re thrilled to announce the integration of Entra ID External Authentication Methods with Entrust, one of the leading MFA vendors with high assurance, phishing-resistant capabilities in the market. This integration will provide our customers with even more flexibility and choice when it comes to securing their systems against the rising threat of phishing attacks.”

Why the New EAM Capability Matters

  • Enhanced Security Framework: The EAM capability within Microsoft Entra ID allows for a comprehensive security setup that supports a wide array of authentication methods. This adaptability is crucial for defending against varied and evolving cyber threats.
  • Streamlined Integration: By seamlessly connecting with Entrust IDaaS, Microsoft Entra ID now supports an array of cutting-edge authentication processes, including AI-driven biometric verification and risk-based adaptive authentication. These capabilities are essential for organizations looking to bolster their defenses against the most sophisticated of attacks.
  • User-Centric Design: The integration ensures that security measures do not impede user accessibility or operational workflows. This balance is vital for maintaining productivity while ensuring robust security measures are in place.

Entrust IDaaS offers advanced, high assurance, passwordless MFA options that eliminate the use of passwords – one of the weakest links in security chains. Our unique MFA authenticators coupled with a risk-based approach, such as high assurance PKI-based mobile smart credentials, as well as FIDO2 keys, and passkeys, provide phishing-resistant solutions that significantly enhance protection from advanced cyber threats like SIM swap, MFA prompt bombing, and adversary-in-the-middle (AiTM) attacks. In addition, our risk-based adaptive step-up authentication with AI-driven facial biometrics and global IDV helps secure privileged action and high-value transactions.

Entrust offers a wide range of authenticators for a variety of use cases. For environments where mobile device use is restricted or users need offline authentication, Entrust’s MFA Grid Card Authentication offers an effective alternative. This solution is unique to every user, easy to manage, and has been proven in extensive deployments. Additionally, our platform supports a managed risk engine, which uses configurable policies to balance security and user experience precisely tailored to individual scenarios.

Looking Ahead

Building on a strong partnership with Microsoft, our collaboration sets a new standard for identity management solutions. As cyber threats evolve, so too does the need for dynamic and resilient security strategies. The integration of Entrust IDaaS with Microsoft Entra ID represents a forward-thinking approach to these challenges, ensuring that businesses can protect their most valuable assets – user identities – from the ever-present risk of cyber threats.

Entrust’s integrations with Microsoft products extend to several key areas, including PKIaaS with Microsoft Intune, nShield with Microsoft ADCS for enhanced PKI, as well as comprehensive solutions like PKIaaS and nShield or KeyControl with Microsoft Key Vault, and nShield or KeyControl with Microsoft SQL Server. Each integration highlights our commitment to providing diverse and effective security solutions that cater to the contemporary challenges faced by businesses.

Stay connected as we continue to innovate and elevate the standards of identity security. Together, Microsoft and Entrust are not just responding to the digital threats of today but are actively preparing for the challenges of tomorrow. We are committed to transforming the landscape of identity security, paving the way for a safer digital future where businesses can thrive without the looming threat of identity theft.