Microsoft, RSA Make Identity Security Push in the Age of AI
2 of the larger authentication statements to come out of the current RSA Conference both point in the same direction: Organizations need a more flexible, unified method to identity security, especially as AI representatives begin acting along with human employees.
Microsoft used the celebration to push its external multi-factor authentication (MFA) assistance in Microsoft Entra ID to basic schedule, while RSA Security announced a broadened collaboration with Microsoft developed around protecting what it calls the “AI workforce.”
Entra External MFA Hits GA
Microsoft’s external MFA function, is now normally available in Microsoft Entra ID, the company announced at this year’s program. The ability lets orgs plug third-party MFA suppliers directly into Entra ID without having to desert their existing authentication facilities or sacrifice Microsoft’s Conditional Gain access to policies.
The relocation is substantial for business that have actually invested in specialized MFA services to satisfy regulatory requirements, manage the intricacy of mergers and acquisitions or run across environments where Microsoft’s native MFA alternatives aren’t a fit. Constructed on the OpenID Connect (OIDC) requirement, external MFA works within the exact same admin console as Microsoft’s native methods, giving IT teams a single pane of glass for all authentication management.
Sign-ins using external MFA still travel through complete policy evaluation, consisting of real-time risk assessment. Microsoft stated administrators can line up authentication triggers with business goals through sign-in frequency and session controls, however warned that excessively aggressive reauthentication can really increase phishing risk by conditioning users to approve prompts without scrutiny.
Microsoft’s research study has actually pointed towards a stronger push for wider MFA adoption. The business’s data reveals MFA lowers the threat of account compromise by more than 99%. The external MFA function extends that security to organizations whose authentication stack sits outside Microsoft’s native environment.
RSA Moves to Protect the AI Workforce
RSA Security’s statement is tied to Microsoft’s recently released Microsoft 365 E7: The Frontier Suite, which bundles Microsoft 365 performance tools, Microsoft Copilot, Entra identity services and Agent 365, a governance platform for AI agents. RSA is placing its ID Plus for Microsoft offering as the identity trust layer that sits on top of that platform.
The pitch is simple but progressively immediate: as AI agents begin executing automated workflows, accessing sensitive data, and operating with privileged gain access to inside enterprise systems, identity governance can’t stop at human users. Research study shows non-human identities already surpass human users by an element of 17.
RSA’s identity trust layer for the E7 suite covers 3 areas: high-assurance, phishing-resistant authentication for human users; threat intelligence that examines contextual signals to flag suspicious gain access to attempts; and safe gain access to controls for privileged operations as AI representatives handle more self-governing jobs.
The business likewise validated it is readily available as an external MFA provider through Microsoft Entra’s freshly GA ‘d structure, meaning companies can deploy RSA authentication through the external MFA combination directly within Entra configurations.
What It Indicates for IT Pros
For admins running hybrid environments with legacy MFA financial investments, the Entra external MFA GA opens a cleaner migration course than the previous Custom-made Controls technique it replaces. The September 2026 deprecation due date for Custom Controls implies planning ought to begin now.
On the RSA side, the E7 combination story is more forward-looking– AI representatives as enterprise workers is still an emerging design, but it’s getting here quickly enough that identity teams would be smart to get ahead of it. Gartner has predicted 33% of business applications will consist of agentic AI by 2028, up from less than 1% in 2024. The security structures to govern those representatives, including consistent identity controls that mirror what’s currently applied to human users, are going to be a core IT challenge in the near term.