This is true, but going away rapidly and being replaced by Entra ID (formerly Azure Active Directory).
The big difference is that a breach of any single Entra ID connected service doesn’t give attackers widespread access to unrelated systems sharing the same tenant. For comparison, once you’ve got a foothold on an Active Directory domain member, it’s surprisingly easy to move horizontally to the rest of the network.
The big difference is that a breach of any single Entra ID connected service doesn’t give attackers widespread access to unrelated systems sharing the same tenant. For comparison, once you’ve got a foothold on an Active Directory domain member, it’s surprisingly easy to move horizontally to the rest of the network.