Skip to content
Blog

Accelerate Your Zero-Trust Journey with Microsoft Entra Solutions

Laatste update: 17 oktober 2024

Go to the Dutch version of this page!

Microsoft Entra Internet & Private Access are crucial products in the zero-trust journey of our customers and a strong focus point for us, as we believe securing access to the internet and providing segmented network access is critical in today’s world!”


InSpark was announced as a ‘Product Launch Partner’ for Microsoft Entra Internet & Private Access. This partnership means that we, at InSpark, are your ‘go-to expert’ for questions, challenges, and implementations when it comes to securing access to the internet or local network access for your end users. As the #1 Identity Partner we have deep knowledge and experience, in identity and network access where we can provide our customers with a strong advice on how to implement both products in their environment and support them to go from ‘Zero-to-Hero’, replace existing network security products (like Zscaler or Netskope) or let them run side-by-side.

As a ‘Product launch partner’ we work very closely with the Microsoft product teams of Entra Internet Access & Private access. We actively participate in lots of private previews to provide feedback based on our field experience. With that we can improve both product features of Microsoft, bring in new ideas, report bug fixes and provide you and other customer with important product updates which are critical in today’s world when it comes to securing network access.

What is Entra Internet & Private Access?

Microsoft Entra Internet Access and Microsoft Entra Private Access is the Security Service Edge (SSE) solution of Microsoft. When referring to both products the unifying term used is Global Secure Access. Gartner defines SSE as a solution that secures access to the web, cloud services and private applications regardless of the location of the user or the device they are using or where that application is hosted. Microsoft introduced the Entra Internet Access and Entra Private Access products to provide an identity-centric Zero Trust Network Access approach. Of these products Internet Access is focused on secured access to Microsoft 365, SaaS, and public apps, while Private Access is focused on secured access to private or internal resources.

Internet Accesspoint

Why Entra Internet Access is important?

Microsoft Entra Internet Access is with its release a fundamental part of the zero-trust architecture which companies must adopt. Internet Access provides two main key functionalities, protection for Microsoft 365 resources and protection for regular Internet Access.

Entra Internet Access for Microsoft 365 prevents tokens, stolen by phishing or malware, from being replayed against SharePoint Online and Exchange Online. This offers organizations a strong additional layer of security which makes sure data and emails can’t be accessed by attackers, even though the user was phished or infected by malware.

Entra Internet Access for regular Internet Access prevents your users from visiting malicious websites or web categories which you don’t allow your users to visit. This offers organizations a strong additional layer of security which protects users from accessing malicious content available on the internet or visiting gambling sites on their work device.

Today, we still see companies ignoring the importance of securing the internet access for their users and allowing users to visit malicious sites which makes them vulnerable for token replay, token theft and with that allow attackers an easy way in. Entra Internet Access, as described above, drastically reduce the risk of a breach in your environment and is therefore a key element in your zero-trust strategy and implementation.

Why Entra Private Access is important?

Microsoft Entra Private Access is crucial in today’s digital world when we talk about providing secure access to local network resources. Private Access provides the key capability to limit down the network access a user has, to only the required FQDNs, IPs and Ports the user needs to access an application or resource. This makes sure that segmentation of network access is not only applied in the local network or Azure Landing Zones but also for remote peers.

Unfortunately, we still see companies exposing themselves to a big risk by using VPN or Remote Desktop solutions to provide access to entire network segments. This while all it takes is one single compromised user or device to gain access and hold hostage of everything in your network. With Entra Private Access we can now offer organizations a strong additional layer of security which drastically decreases the risk of a breach in your environment and is therefore a must have in the zero-trust strategy and implementation.

Our approach

We understand that implementing Entra Internet Access and Private Access can become a complex process. As product launch partner we have extensively tested the product from its initial phases and converted our insights into practical solutions to simplify this process for you. Our approach involves breaking down the implementation into several phases. By taking it step-by-step, we ensure a smooth and efficient implementation and transition by using:

  • Our Entra Internet & Private Access readiness assessment – In which we look at the current state of your environment and device readiness.
  • Our Entra Internet and Private Access workshops  In which we discuss the outcomes of the readiness assessment and show the possibilities of both Entra Internet Access and Private Access features and decide together on the way forward.
  • Our Entra Internet and Private Access roadmap – In which we visualize the outcome of the workshop and your way forward in a roadmap which is split into different phases.
  • Our Entra Internet and Private Access step-by-step implementation –Based on the roadmap we will start the implementation on a step-by-step phased approach as visualized within the roadmap fully tailored to your requirements. An example of a step-by-step implementation approach could be:
    1. Entra Internet Access for Microsoft 365 – Protecting against token replay.
    2. Entra Private Access using Quick Access – Replacing and securing your VPN solution.
    3. Entra Internet Access for regular internet access – Protecting users from visiting malicious web sites.
    4. Entra Private Access traffic analysis – Discover traffic flows and trends to migrate application access to a least privilege model.
    5. Entra Private Access migration to per-app access – Implement the discovered flows and trends for application access based on least privilege.
  • Our Entra Internet and Private Access Support & Adoption – At the end of each implementation we will educate end-users and administrators and provide ongoing support including behavior change detections via our Cloud Security Center.

With the above step-by-step approach, we deliver faster results and ease the process for you as a customer and with that touch base and accelerate your organizations security with one or more Entra Internet or Private Access features

Interested?

Have we sparked your interest, or do you have questions? We are more than happy to talk to you and help you on your zero-trust journey with Microsoft Entra Internet and/or Private Access! Please reach out to pim.jacobs@inspark.nl or jelmer.vorstenburg@inspark.nl!