Patient Zero for Microsoft Global Secure Access and Entra Suite

As early adopters, baseVISION took a decisive step by acquiring licenses for Microsoft Entra Private Access and the Governance Suite for all users. This strategic move marked the beginning of a transformative journey toward a fully integrated and secure identity infrastructure.

We transitioned from manually managing users to a fully automated lifecycle management solution powered by Microsoft Entra ID. This shift enabled seamless provisioning and maintenance of users and groups from our HR system (Zoho People) throughout the entire employee lifecycle.

What once required hundreds of manual actions and was prone to data inconsistencies is now executed with a single click – ensuring consistency, accuracy, and operational efficiency. 

Onboarding information is automatically sent to users' private email addresses, managers get birthday calendar entries for their employees, and devices are automatically offboarded from Microsoft Intune, Entra ID and Defender during the offboarding process. Additionally, user accounts are automatically created, maintained and deleted in third-party apps that don't support SCIM- or OIDC-based provisioning.
 
Entitlement management is leveraged to ensure that every role within baseVISION gets just the right permissions to carry out their work. Access reviews and requestable access packages paired with Custom Extensions ensure that access is properly governed and automatic actions are executed upon assignment or unassignment.  

With Microsoft Entra ID Governance, we successfully streamlined our identity lifecycle processes and significantly reduced manual effort. Lifecycle workflow delivers a state-of-the-art Joiner, Mover, and Leaver experience. Entitlement Management ensures employees receive the right access precisely when needed through. Thanks to its effortless integration with both cloud and on-premises environments, implementation was fast, smooth, and aligned perfectly with our existing ecosystem.

Janic Verboon, Endpoint Consultant
baseVISION AG

Reports from our baseVISION Security Operation Center and the Swiss NCSC, as well as the Microsoft Digital Defense Report, highlight that phishing remains a frequent method for initiating cyber attacks. In response, we implemented phishing-resistant authentication, which decreased our vulnerability to phishing attempts. This initiative not only enhanced overall security and supported confidence within our digital ecosystem but also simplified user onboarding, since we no longer need to distribute passwords over insecure channels. We recommend that everyone start the phishing-resistant authentication journey as soon as possible.

Additionally, we utilise Microsoft Entra Private Access to safeguard assets, facilitate remote connectivity, and eliminate reliance on third-party VPN solutions. This approach mitigates the risk of data leakage by implementing a secure transport layer and enforcing access controls founded on Zero Trust principles with Conditional Access. 

Our journey exemplifies how Microsoft’s Global Secure Access – anchored in Zero Trust principles – and the Microsoft Entra Suite can deliver tangible improvements in governance, security, and operational agility.