I’m excited to write more about Banyan Security’s new partnership with Microsoft to help accelerate enterprise Zero Trust security adoption.
Today, most organizations are migrating their Identity and Access Management (IAM) away from traditional on-premises Active Directory to cloud IDPs such as Microsoft Azure AD. These cloud IDPs then serve as the employees’ portal to authenticate into multi-tenant SaaS applications such as Microsoft Office 365, Google Workspace (aka G Suite), Salesforce, and Dropbox. Employees enjoy a great user experience with click-button access from any browser, while the organization benefits from strong Zero Trust security using tools such as Azure AD Conditional Access, Risk Based Authentication and Microsoft Authenticator MFA that combines user trust, device trust, and application policies.
Many Sensitive Corporate Resources are NOT Multi-tenant SaaS
But not all corporate applications used by an enterprise workforce are multi-tenant SaaS accessible via the public internet – they require network connectivity and access controls that go beyond what Azure AD provides. This is particularly true in technology companies that build and deploy their own software, manage development tools and administer server infrastructure. Access to these internal applications and services is managed using networking tools like VPNs and Bastion hosts, often combining arcane authentication protocols with complex network segmentation rules.
A significant challenge faced by many IT teams today is to extend the Zero Trust security model that Azure AD enables into these hosted corporate applications, infrastructure and legacy environments. How do you maintain a strong security posture, while delivering the “cloud-like access” experience to applications deep in a datacenter? How do you simplify access provisioning and support approval workflows for infrastructure in the cloud?
This is where Banyan comes in.
Banyan brings the same one-click experience that Azure AD provides for multi-tenant SaaS applications to your corporate infrastructure – be it in the datacenter, on-premises, or IaaS. You can now modernize network access and roll out Zero Trust security as part of your overall Azure AD migration strategy.
Dead Simple Deployment with Zero Trust Security
Banyan’s modern cloud-based architecture allows you to quickly provision access into datacenter and IaaS environments. Just deploy a simple Banyan component on a server in the datacenter or IaaS clusters where your corporate resources are hosted. After that, you can provision access to your resources using our Cloud Command Center web interface or APIs. Banyan enables Zero Trust security, ensuring every access to your corporate resources is explicitly authenticated and authorized. No more logging into traditional VPNs and Bastions and manually updating keys and ACLs.
Because Banyan has built-in integrations with Azure AD to establish user trust, you can manage access policies for your servers and internal applications just the way you do for other applications in Azure AD using Azure AD groups. For example, you can quickly provision secure access for BYOD and third parties to specific applications without ever giving them VPN access to the corporate network.
Banyan provides native desktop and mobile apps, and also integrates with other tools in the Microsoft ecosystem such as Endpoint Manager and Defender for Endpoint, so you can establish device trust and quantify overall security posture with a trust score. Now you have trust-based access control policies that account for user identity as well as device trust and posture, significantly improving security.
By pairing Banyan with Azure AD, access to hosted corporate applications and infrastructure is restricted by policy to trusted users on trusted devices, delivering a Zero Trust security model for your organization. Best of all, your users now gain a “cloud-like access” experience that doesn’t involve logging into VPNs and Bastions. See how easy it is for an Azure AD user to access a Linux server hosted in a datacenter…
“Banyan Security’s integration with Azure AD extends zero trust access controls to all types of resources, making it easier to stay secure in the hybrid work environment.” – Sue Bohn, partner director, Microsoft Identity at Microsoft.
Ready to extend your Azure AD investment to deliver Zero Trust security? Read up on how you can get started in the Microsoft Secure Hybrid Access docs, or try it for yourself via the Banyan Test Drive. We look forward to accelerating your Zero Trust journey!
The post Extending your Microsoft Azure AD investment to implement Zero Trust for hybrid environments first appeared on Banyan Security.
*** This is a Security Bloggers Network syndicated blog from Banyan Security authored by Tarun Desikan. Read the original post at: https://www.banyansecurity.io/blog/extending-your-microsoft-azure-ad-investment-to-implement-zero-trust-for-hybrid-environments/