Multi-Factor Active Authentication on Windows Azure Active Directory

Active Authentication on Windows Azure Active Directory--built on PhoneFactor service--allow enterprises to secure employee, partner, and customer access to cloud apps with multi-factor authentication. Dynamics NAV 2013, Dynamics GP 2013 ERP products released.

Active Authentication - that's the code name for a new Windows Azure service announced and that will enable enterprises to secure employee, partner and customer access to cloud applications with multi-factor authentication.

"Active Authentication is built on the industry-leading PhoneFactor service which Microsoft acquired last fall," Sarah Fender, a director in Windows Azure, says. "It offers the strong security your company requires, yet is super easy to set up, manage and use" including:

  • "Rapid Set Up: Simply add the service to your Windows Azure AD tenant and turn it on for your users. Or, add the service to your custom applications using just a few lines of code.
  • Automated Enrollment: Windows Azure AD users enroll their own phone numbers and set authentication preferences during the standard sign in process. There are no tokens to provision and ship, so you can quickly enable the service for users around the globe.
  • Scalable: The reliable, scalable service supports high-volume, mission critical applications and large-scale employee, partner, and customer deployments."

With Active Authentication "companies can enable multi-factor authentication for Windows Azure Active Directory identities to help secure access to Office 365, Windows Azure, Windows Intune, Dynamics CRM Online and many other apps that are integrated with Windows Azure AD," Fender added.

"Developers can also use the Active Authentication SDK to build multi-factor authentication into their custom applications and directories."

Fender says that active authentication works by adding an extra step to the sign in process. "After a user enters their username and password, they are required to also authenticate with the Active Authentication app on their mobile device or via an automated phone call or text message. This helps prevent unauthorized access to data and applications in the cloud - reducing the risk of a breach and enabling regulatory compliance," explains Fender.

In addition, the service offer flexible billing options including: "Per user, per month: Pay by the number of users you enable for multi-factor authentication each month," or "Per authentication: Pay by total number of authentications used each month."

Microsoft notes, that during the preview, "active authentication" is available on a 50% discount (off the anticipated prices at GA)--and it makes it "$1.00 per user per month," or "$1.00 for every 10 authentications depending."

Update 06/15: In addition, this week Microsoft also released some great updates to Windows Azure that make it significantly easier to develop mobile applications that use the cloud.

All of these improvements are now available to use immediately (note: some are still in preview).

The new capabilities include:

  • "Mobile Services: Custom API support
  • Mobile Services: Git Source Control support
  • Mobile Services: Node.js NPM Module support
  • Mobile Services: A .NET API via NuGet
  • Mobile Services and Web Sites: Free 20MB SQL Database Option for Mobile Services and Web Sites
  • Mobile Notification Hubs: Android Broadcast Push Notification Support," informs Microsoft.

Microsoft Open Technologies, Inc., have built a search engine infrastructure using Apache Solr "that is managed by an external implementation of Apache ZooKeeper to ensure scalability with reliability, and consistent search results for every search, regardless of which search servers may be accessible at any time," informs MS OT.

You can find all the details in this tutorial and once you've completed the tutorial you will have multiple Solr instances (called SolrCores) synchronized across more than one server, with synchronization managed by ZooKeeper.

Drill down into building applications using Azure Active Directory Identity:

Update 06/18: Microsoft today announced two of its ERP products "Dynamics NAV 2013" and "Dynamics GP 2013" are now available.

Hosted on Windows Server virtual machines on Windows Azure, both will be sold via Microsoft certified partners, not by Microsoft itself, as the company indicated would be the case.

"End users can access the cloud-hosted versions via the Web or desktop clients, either from the office or on the go using mobile devices."

"Over the past several months we've been working closely with our first 'go-live' customers and partners, as well as with the Windows Azure team, to develop guidance and tooling to ensure a great experience deploying on Azure. That work is now complete," said company officials.

Microsoft plans to make its two other ERP wares "Dynamics AX" and "Dynamics SL" -- available on Windows Azure at some point in the future, officials have said.