Microsoft Enhances External User Collaboration with Azure AD B2B

Azure AD B2B Collaboration is now generally available, allowing enterprises and their partner organizations to get on the same page while minimizing risks.

Microsoft Azure

Microsoft today announced the general availability of its Azure Active Directory (AD) B2B Collaboration feature set. As its name suggests, the toolkit, also part of the company's Enterprise Mobility + Security offering, enables business-to-business collaboration while enhancing security and preventing leaks of sensitive data.

Azure AD B2B Collaboration enables customers to extend the platform's secure identity management services to vendors, consultants and other partner organizations. Instead of creating a new locally-managed account for external users, businesses can invite them using their own email addresses and provide access to applications, shared documents and other resources.

The product supports any email address, including web-based Gmail and accounts. For added security, administrators can implement conditional access policies and switch on multifactor authentication.

Nasos Kladakis, senior product marketing manager of Identity and Access Management solutions at Microsoft, described Azure AD B2B Collaboration as the "perfect combination between security and collaboration." The solution helps administrators keep their directories tidier and safer, making their AD environments easier to manage and ensuring that short-term credentials don't overstay their welcome, he told eWEEK.

"While I'm making your life easier, at the same time, I'm protecting you," Kladakis added. The protections Azure AD offers organizations and their users is "now applied to the partners and vendors," regardless of the directory services or email systems they use.

Azure AD B2B Collaboration is one example of Microsoft's focus on identity as the "cornerstone of security." While businesses fortify their networks and grapple with locking down their devices, identity systems are often overlooked by IT security teams, Kladakis said.

Certainly, IT departments should be mindful of emerging threats and sophisticated hacking attempts, but not at the expense of user credentials, asserted Kladakis. Often, a large-scale data breach can be traced back to compromised identities.

The risk is compounded by the fact that businesses no longer tuck all their data away within the comparatively safe confines of their own networks, Kladakis said. Today, it's common for businesses to store valuable information on a variety of third-party cloud applications, collaboration suites and other services, not to mention their users' smartphones, tablets and other portable systems.

Reused login credentials and other weak security practices can provide attackers with countless avenues of obtaining critical data. And they don't always target administrators and high-level executives, Kladakis explained. An account belonging to an ex-employee or a temporary worker can provide the foothold they need to stage a breach.

With Azure AD B2B Collaboration, organizations can enforce enterprise-grade security and data leak prevention policies on any external user's accounts, Kladakis said. "Every identity matters" when it comes to safeguarding corporate data, he added.

Microsoft also announced today that Azure AD B2C (business-to-consumer) is available in Europe, allowing companies to comply with the EU's General Data Protection Regulation (GDPR) and other stringent privacy rules.

Azure Active Directory B2C enables companies to add secure identity services to their B2C cloud applications. "Organizations now have the option to use Azure AD B2C tenants that operate and store data only in European data centers," said Andrew Conway, general manager of EMS Product Marketing at Microsoft, in an April 12 announcement. "For all other regions, Azure AD B2C is available through the North American or European data centers."

Pedro Hernandez

Pedro Hernandez

Pedro Hernandez is a contributor to eWEEK and the IT Business Edge Network, the network for technology professionals. Previously, he served as a managing editor for the network of...