Feb 16, 2022
53 Views
0 0

Should Microsoft Own Your Identity?

Written by

The Home of the Security Bloggers Network
Home » Cybersecurity » Cloud Security » Should Microsoft Own Your Identity?
Microsoft has recently demonstrated behavior that has alarmed veteran industry watchers. IT admins should take this into account prior to trusting Microsoft to “own” their users’ identities over the long term. It also “owns” their productivity tools, their data, and has a history of embracing and extending standards and services around its products. The cost of time and resources to switch to alternative solutions is compounded, which is not a situation most small and medium-sized enterprises (SMEs) would want to find themselves in as their IT organizations grow and mature. 
But this blog post isn’t about feature parity or adherence to open standards: it’s about vendor risk and control. If your eyes are as good as mine, Microsoft’s primary motivation seems to be to connect users to other Microsoft products; its identity services are mainly focused on connecting its customers to its products rather than enabling them to easily connect to what they want. That’s not necessarily aligned with the requirements of SMEs, which benefit from shopping around an open marketplace. I was once part owner of a manufacturing company and we had a global network of suppliers to avoid putting our eggs into one basket. Buying 100% of our (fire sprinkler) frames from a single vendor would have given it extraordinary control over price and order size, which would have inevitably led to a significantly more disruptive cost to switch. Diversification helps SMEs manage supply chain (vendor) risk.
Risks can spiral if the supplier also owns your ID and is the “airline,” i.e., controls the services that make your business possible. Say you want to fly another airline… Microsoft’s “passport” must now be involved. A Google Workspace shop is required to add Azure AD to their environment in order to simply use Microsoft Excel, Word, or PowerPoint. That’s not something I’d imagine they’d want for themselves. Microsoft 365 users can easily connect to Microsoft services, but what about alternative products — how easy is it for Microsoft users to do what they need to with Google Workspace or AWS?
IT departments need direct, cost-effective access to (Read more…)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by David Worthington. Read the original post at: https://jumpcloud.com/blog/should-microsoft-own-your-identity

More Webinars

source

Article Categories:
Cloud Security

Comments are closed.