identities and governance
For the past 10 months, I've been working towards the Microsoft AZ-104 certification. Balancing the responsibilities of being a father, husband, and IT professional, finding time to study has been a challenge. However, with the arrival of summer and a slight slowdown in schedules, I'm ready to dive back in.
As well as passing the AZ-104, my plan is to write a series of five blogs, each focusing on one of the five areas of the AZ-104 training sections, starting here with Identity and Governance.
The building blocks of any organization's security is ensuring the right people have access to the right data. In the realm of IT, I've dabbled in a bit of everything, mastering none but gaining a broad understanding of many areas. Identity and user access management is no exception. My experience is primarily with Windows and Microsoft Active Directory Domain Services (ADDS), but it's been a few years since I've created new security groups or administered access for users.
With the recent rebranding of Azure Active Directory (AAD) to Microsoft Entra, it's clear that Microsoft is committed to providing the most secure access experiences for its customers. From what I've gathered, Microsoft Entra and Azure AD are virtually identical and can feed into each other, eliminating the need to manually update both user directories. Azure also offers Role-Based Access Control (RBAC) user groups, similar to Windows user groups, where you can assign different permissions based on roles. For more information about this change, you can read the Microsoft blog post about the rebranding.
One area that I anticipate will require some extra effort to understand is the use of Azure tags to assign security roles to the various resources within Azure. The sheer volume of resources available within Azure can be a bit overwhelming. Another topic that warrants further review is how governance can span subscriptions and groups. Preventing IT Drift is a primary concern of IT leaders everywhere and one of the benefits of leaning into standardization.
Even though my current role doesn't require logging into the Azure portal or calling the Graph API, the benefits of expanding my knowledge of Azure are obvious. On several occasions, while performing my duties as an Incident Response Lead, a role defined within the IT Service Management (ITSM) framework, I have been able to advise or recommend potential solutions, but more importantly, keep up with the deeply technical conversation among different teams and departments without feeling like a hindrance. As part of the Incident Response team, the deeper understanding of "the cloud" and the knowledge I've gained from the AZ-104 training has been empowering.
In the modern technology era, the importance of identity and governance cannot be overstated. It's not just about knowing who has access to your data, but also about ensuring they can only access the information they need. This is where Microsoft Entra comes into play, providing a secure access experience for everyone.
In conclusion, it's a great feeling, both personally and professionally, knowing that I can continue to add value to an organization I care so much about. The journey through the AZ-104 training has been challenging but rewarding, and I look forward to sharing more insights in my upcoming blogs.
