twitter  facebook  linkedin

Historically, as we have moved from on-premises directories to the cloud, the identities have been ‘homed’ or sourced from the on-premises directory. Now, as more services and users are internet-based or internet-first, there is reduced reliance on the on-premises directory for authorization. 

The concept of Identity Inversion, or ‘AD as an App,’ is that we move from homing accounts in on-premises AD to homing those accounts in Azure AD. 

Moving the center of identity and authentication away from on-premises directories provides many security and operational benefits, including limiting the possibility of accounts being accidently provisioned to Azure AD with privileged access. 

In this webinar, OCG Principal Architect Mark Riley explores:

  • Treating our AD domains as an app
  • Provisioning users as needed and removing when access is no longer required
  • Privileged Account Management via just-in-time provisioning
  • The security benefits of the model