Entra ID

Microsoft Entra RSAC 2026 Identity Security Updates

3 min lukuaika

Yhteenveto

At RSAC 2026, Microsoft announced major Microsoft Entra updates aimed at securing not only users and devices but also AI agents, workloads, and modern multi-tenant environments. The new capabilities—such as expanded Entra Agent ID governance, shadow AI detection, prompt injection protection, passkey enhancements, and adaptive risk-based access—matter because they strengthen Zero Trust identity security as organizations adopt AI and face more dynamic access risks.

Tarvitsetko apua Entra ID-asioissa?Keskustele asiantuntijan kanssa

Introduction

Microsoft’s RSAC 2026 Entra announcements reflect a major shift in identity security: organizations now need to protect not just users and devices, but also AI agents, workloads, and multi-tenant environments. For IT and security teams, these updates reinforce Microsoft’s push toward an identity-first, Zero Trust access fabric that can evaluate risk continuously and respond in real time.

What’s new in Microsoft Entra

Protecting AI agent identities

Microsoft is expanding Microsoft Entra Agent ID as the identity foundation for Microsoft Agent 365. New capabilities include:

  • ID Governance access packages integrated into Agent 365 Security Policy Templates
  • Conditional Access policy extensions for agents acting on behalf of users
  • Real-time access decisions based on risk signals and custom security attributes

This brings agent identities closer to the same governance and access controls already used for users, apps, and devices.

Securing employee access in the AI era

Microsoft Entra Internet Access is gaining several important controls for AI usage:

  • Shadow AI detection to discover unsanctioned AI apps and enforce Conditional Access policies
  • Prompt injection protection to block malicious prompts
  • Synced passkeys and passkey profiles now generally available
  • Microsoft Entra Passkeys on Windows in preview
  • External MFA integration now generally available for third-party MFA providers
  • Adaptive risk remediation coming generally available in April 2026 for self-service recovery across authentication methods

Together, these updates support phishing-resistant authentication and tighter governance over AI-enabled access.

Strengthening the identity foundation

Microsoft also introduced new resilience and governance features for complex tenant environments:

  • Microsoft Entra Backup and Recovery for point-in-time restore of critical directory objects (preview)
  • Microsoft Entra Tenant Governance to discover, monitor, and govern multi-tenant estates (preview)
  • Tenant configuration API for JSON-based configuration baselines (preview)
  • Cross-tenant group synchronization for governed access across related tenants (preview)

Why this matters for IT admins

These announcements are especially relevant for administrators managing hybrid identity, Zero Trust initiatives, and growing AI adoption. The addition of controls for agent identities helps close a gap that many organizations are only beginning to recognize, while backup, recovery, and tenant governance features address operational risk in large or distributed Microsoft environments.

For end users, the impact should be more seamless and secure access through passkeys and adaptive remediation, with less dependency on passwords and help desk intervention.

Action items

  • Review where AI agents and unsanctioned AI tools are already in use across your environment.
  • Evaluate passkey deployment readiness, especially for Windows-based users.
  • Identify whether external MFA integration could simplify your current authentication architecture.
  • Plan for preview testing of Backup and Recovery and Tenant Governance if you operate multiple Entra tenants.
  • Reassess Conditional Access strategy to account for non-human identities and new risk signals.

Microsoft’s RSAC 2026 message is clear: identity security must now extend across people, apps, devices, and AI agents alike.

Tarvitsetko apua Entra ID-asioissa?

Asiantuntijamme auttavat sinua toteuttamaan ja optimoimaan Microsoft-ratkaisusi.

Keskustele asiantuntijan kanssa

Pysy ajan tasalla Microsoft-teknologioista

Lue alkuperäinen artikkeli kirjoittajalta Irina_Nechaeva
Microsoft EntraAI agentsConditional AccesspasskeysZero Trust

Aiheeseen liittyvät

Entra ID

Microsoft Entra Backup and Recovery Enters Preview

Microsoft has launched Microsoft Entra Backup and Recovery in public preview, giving organizations a Microsoft-managed way to restore critical identity objects and configurations to a known-good state. The service helps IT teams recover faster from accidental admin changes, provisioning errors, and malicious modifications that could otherwise disrupt access and security.

Entra ID

Microsoft Entra External MFA Now Generally Available

Microsoft has announced general availability of external MFA in Microsoft Entra ID, allowing organizations to integrate trusted third-party MFA providers using OpenID Connect. The feature lets IT teams keep Microsoft Entra ID as the central identity control plane while maintaining Conditional Access, risk evaluation, and unified authentication method management.

Entra ID

Microsoft Entra Secure Access Report 2026 on AI Risk

Microsoft’s Entra Secure Access Report 2026 says AI adoption is significantly increasing identity and network access risk, with 97% of organizations reporting an access-related incident in the past year and 70% tying incidents to AI activity. The report argues that fragmented identity and network tools are making the problem worse, which matters because more organizations are now moving toward consolidated access platforms to better secure AI tools, agents, and machine identities.

Entra ID

Entra Conditional Access: All resources muuttuu 2026

Microsoft muuttaa Entra ID:n Conditional Accessin toimintaa niin, että ”All resources” -kohdistetut käytännöt pannaan vuodesta 2026 alkaen johdonmukaisesti täytäntöön myös kirjautumisissa, joissa asiakassovellus pyytää vain OIDC- tai rajattuja directory-scopeja ja vaikka käytännössä olisi resurssipoissulkuja. Tämä on tärkeää, koska aiemmin osa kirjautumisista saattoi ohittaa CA-arvioinnin, mutta muutoksen jälkeen organisaatioiden on syytä testata vaikutukset etukäteen, sillä käyttäjille voi alkaa ilmestyä uusia MFA-, laitevaatimustenmukaisuus- ja muita käyttöoikeushaasteita.

Entra ID

Microsoft Entra Access Priorities -webinaarisarja 2026

Microsoft julkaisee vuonna 2026 neliosaisen Entra Access Priorities -webinaarisarjan, joka auttaa IT-tiimejä viemään identity- ja käyttöoikeusstrategiat käytäntöön demojen, mallien ja tarkistuslistojen avulla. Sarja painottaa phishing-resistant-autentikointia, adaptiivista pääsynhallintaa, Zero Trust -valmiuksia ja AI-aikakauden käyttöoikeuksien suojaamista, mikä on tärkeää, koska identiteetistä on tullut keskeinen tietoturvan ohjauspiste käyttäjille, sovelluksille, laitteille ja AI-työkuormille.

Entra ID

Microsoft Entra Internet Accessin AI-suojaus Preview

Microsoft toi Entra Internet Accessiin Public Preview -vaiheessa secure web & AI gatewayn, joka lisää AI-tietoisen valvonnan ja käytäntöjen toimeenpanon verkkokerrokseen osana SASE-ratkaisua. Uutuudet, kuten Shadow AI Detection ja Purview-integraatioon perustuva tiedostosuodatus, auttavat yrityksiä tunnistamaan luvattomat AI-työkalut, estämään arkaluonteisen datan vuotoa ja hallitsemaan AI:n käyttöä identiteettilähtöisesti ilman sovellusten uudelleenkirjoitusta.