“Protecting identities and access is critical. As our work and lives become increasingly digital, cyberattacks are becoming more frequent and more sophisticated, affecting organizations of every size, in every industry, and in every part of the world. In the last 12 months, Microsoft saw an average of more than 4,000 password attacks per second, an almost threefold increase from the 1,287 attacks per second Microsoft saw the previous year. Microsoft are also seeing far more sophisticated attacks, including ones that manage to evade critical defenses, such as multifactor authentication, to steal access tokens, impersonate a rightful user, and gain access to critical data.”
Microsoft Entra identity security access products protects both internet and private network access using Zero Trust principles without the need for VPNs or third-party solutions:
Microsoft Entra Private Access
Allow users to access apps in your private network from anywhere. Access can quickly be granted to all apps within a specified IP range to accelerate deployment and reduce the need for using VPNs that grant unlimited access to the entire corporate network.
Microsoft Entra Internet Access
Microsoft Entra Internet Access - M365
Microsoft 365 Access provides data exfiltration controls using universal tenant restriction, token theft protection using the compliant network check, improved performance and increased visibility into Microsoft 365 access.
Think of Microsoft Entra Private and Internet Access as a firewall and VPN in the cloud. Both Microsoft Entra Private Access (MEPA) and Microsoft Entra Internet Access (MEIA) utilise Microsoft’s Security Service Edge (SSE) which contains Continuous Access Evaluation (CAE), CAE allows access tokens to be revoked based on critical events and policy evaluation rather than relying on token expiry based on lifetime, therefore instantly blocking internet and private access.