1 Executive Summary
The ability to manage and govern access to IT resources has become paramount in the digital age due to the rapid increase in the number of people and things accessing a growing number of services and other IT resources, especially in the light of relentless cyber threats and the need to comply with a growing number of data protection regulations around the world. In the face of this challenge, organizations are looking for the quickest and easiest way to achieve comprehensive access management and governance. As a result, many are turning to identity as a service (IDaaS) offerings. Microsoft’s Azure Active Directory (AAD) is already widely deployed through Office 365 and is therefore an attractive option to many organizations for broader adoption. While AAD has several strengths, particularly in terms of meeting access management requirements, most editions are relatively weak when it comes to access governance. In addition, AAD also has a strong focus on integration with a Microsoft-only technology stack. Due to these and other critical considerations, AAD is not a perfect solution for all organizations, particularly those with heterogenous IT environments and a strong requirement for access governance. These organizations, therefore, should look beyond AAD to more specialized service that meet their needs.