As we start to roll into 2022, the one thing that will be on people’s mind’s is that of Cybersecurity.  It is expected that this year could be the same or even worse in terms of the intensity of attacks, especially that of Ransomware.  Another area which will get a close watch is software security, and compiling secure source code, even making use of third-party APIs.  Microsoft is at the forefront of this, with their product called “Microsoft Identity”.

What Is It?

Essentially, this is a tool that lets you build and compile software projects (typically those of Web based applications) in a very secure environment, with one key feature being that you, the project owner, has total control over who can get access to it.  For example, while others can sign in using their Azure Directory based credentials or even social logins, you can amp up the security as much as you think is necessary, using the tools that are available in Microsoft Azure.

For example, some of the security features that you can further implement include the following:

  • Passwordless Authentication;
  • Multi Factor Authentication (MFA);
  • The Zero Trust Framework;
  • Conditional Access, based upon the rules and conditions that you establish and implement.

While you can manually select these additional features that you want, Microsoft Identity will even offer a list of recommendations as to what should be implemented.  From there, it is just a matter of clicking what you want, and the tool will take care of everything else for you.

The Components That Make Up Microsoft Identity

In addition to helping you create a secure environment for your software project, there are other components which also help you to streamline the development process, and which even come with their own security features embedded into them as well. They are as follows:

  • The OAuth 2.0 and OpenID Connect Standard:

With this, end users who have access to your software project can further authenticate through the following means:

  • Use work or personal accounts, provided that they have been set up and approved in the Azure Active Directory;
  • Use other forms of M365 login credentials such as Xbox and Outlook.com;
  • Use Social Media accounts, once again assuming that they have been set up and approved in Azure Active Directory. This type of authentication makes use of the Azure Active Directory B2C protocol, which is illustrated below:

(SOURCE:  1).

  • The use of Open-Source Software:

By using the Microsoft Authentication Libraries (also known as MSAL), you can implement them into your source code (which makes use of open-source software), proving that they are Cyber       secure.

  • The Application Management Portal:

With this tool, any configurations or further changes made to the source code can be easily audited and tracked down.  To make this portal even more secure, separate login credentials have to be approved and set up by the IT Security team.

  • The Use of PowerShell:

You can make certain configuration changes to the PowerShell environment in order to help automate your Development Operations (also known as DevOps) processes.  The end result of this is that you can ramp up the creation of your source code while also taking into account the security protocols that you have set forth for the project.

  • Contains Developer Content:

There already exists a repository of technical documentation, and your software development team can even add in more content as they feel is necessary in order to aid in future software development projects.

The Typical Use Cases For Microsoft Identity

Some of these include the following:

  • Creating Single Page Apps;
  • Building a Web App that automatically will sign in users based on preset login credentials;
  • Creating Web App APIs that call up other, related APIs;
  • Creating Web protected based APIs;
  • The creation of these other apps:

*Desktop;

*Daemon;

*Mobile.

This is all illustrated in the diagram below:

(SOURCE:  2).

Conclusions

More information as to how you can use Microsoft Identity to build Cyber secure and robust software applications can be seen here.  As always, if you have any questions, please feel free to contact us.

Sources