Issue link: https://insights.oneneck.com/i/1463084
Cloud anywhere: Azure for hybrid and multicloud environments

Hybrid fundamentals

02. Identity and access management

Today, corporations are using a more complex mixture of on-premises and cloud applications, with workers requiring access across environments, making integrated management critical. Identity solutions should leverage a common user identity for authentication and authorization to all resources, regardless of location. We call this hybrid identity.

Choosing the correct authentication method is the first concern for organizations wanting to move their applications to the cloud. The authentication method is a critical component of an organization's cloud infrastructure; it's the foundation of all the other advanced security and user experience features in Azure Active Directory (AD). Identity is the new control plane, giving the business control amid the chaos of users, devices, and a variety of connected endpoints, including applications, sensors, and bots.

To choose an authentication method, you need to consider the time, existing infrastructure, complexity, and cost of implementing your choice. These factors are different for every organization and will likely evolve.

Azure AD supports the following authentication methods for hybrid identity solutions:

• Cloud authentication: Azure AD handles the user sign-in process, which, coupled with seamless single sign-on, allows users access to cloud and on-premises applications without having to reenter their credentials.

With Azure AD password hash synchronization, users can use the same username and password that they use on-premises without having to deploy any additional infrastructure, gaining the additional benefit that passwords are not stored in the cloud, which can help satisfy regulations and protect against outages.

With Azure AD Pass-through Authentication, the servers validate the users directly with your on-premises Active Directory, which ensures that the password validation doesn't happen in the cloud and which may be required by industry or government regulations.