Governance in Azure AD
Governance in Azure AD focuses on managing identities, access, and administrative privileges to ensure security, compliance, and efficient operations. Key aspects of governance in Azure AD include:
Govern Identity Lifecycle: This involves managing the creation, maintenance, and deletion of user accounts throughout their lifecycle. It includes processes like user provisioning, role assignments, and offboarding. Identity lifecycle governance ensures users have the appropriate access when they join the organization and removes access when they leave.
Govern Access Lifecycle: This pertains to managing and controlling user access to resources over time. It involves controlling permissions, reviewing access rights, and ensuring users have the right level of access based on their roles and needs. Access lifecycle governance helps maintain least-privilege access and ensures that access is revoked when no longer needed.
Secure Privileged Access for Administration: This focuses on protecting access for administrative roles that manage sensitive resources. It includes using tools like Just-in-Time (JIT) access, Azure AD Privileged Identity Management (PIM), and MFA to ensure that only authorized and authenticated admins can perform high-risk operations, limiting the exposure of privileged accounts.