Microsoft 365®

Azure Active Directory

tenfold provides all the benefits an integration of Microsoft’s on-prem services could bring, even in the cloud. This is especially relevant to organizations who employ hybrid solutions and require that the privileges and identities located in the cloud and in their network can be managed centrally.

Not only does tenfold provide an interface to the local Active Directory, it also provides an interface to Microsoft’s cloud-based directory service Azure Active Directory. The integration of tenfold with Azure AD means all local identities and access rights as well as those located in the cloud can be managed centrally via tenfold’s intuitive user interface.

Advantages (CIOs, CISOs, IT Managers)

  • Improved cloud security thanks to processes that incorporate both on-prem and cloud systems.
  • Central hub for internal and external IT audits.
  • Adaptable software that always stays up to date with Microsoft’s innovations.

Advantages (IT Admins & Infrastructure)

  • Standardized user interface that facilitates a hybrid approach to user and group management.
  • Get an instant view of on-prem and cloud privileges.
  • The dashboard allows you to identify problems in the cloud configuration immediately.

Managing Cloud User Accounts

Pure cloud users without an account in your local AD are included in tenfold‘s user lifecycle management features. Automating the provisioning for online users is just as fast and easy as it is for local accounts. This helps save time by removing the need to log into the Azure AD Admin Center in order to make the required changes.

Provide Secure Access to Guest Users

tenfold allows you to invite guest users directly from its user interface. This empowers all departments to collaborate with guests in Microsoft 365 whenever they need, without having to first go through IT. The main security concern with guest users is making sure their accounts are deactivated when they are no longer needed. With new guests being invited for various purposes, it’s easy for admins to lose track of their accounts.

By including guest users and their permissions in tenfold‘s user access review process, you can be sure that guest accounts are closed once they’ve served their purpose. This helps keep your network secure and allows you to collaborate with business partners using Microsoft 365 without having to worry.

Control of Group Memberships in Microsoft 365

tenfold automatically assigns standard privileges and removes them again when user attributes (e.g. department or position) change. To do this automatically, the software utilizes roles. This method of access management is also referred to as role-based access management. The roles which are assigned to users serve as a control mechanism for access to company resources.

Screenshot of the IAM software tenfold's user interface showing the screen for controlling groups in Microsoft 365.

With tenfold‘s Azure AD® Plugin, you can now also use roles to control memberships in Microsoft 365 groups (the plugin supports all group types) and to have resources in the cloud assigned automatically. Users can request additional resources in the cloud via tenfold’s self-service feature. Such resource requests must be approved or rejected by the appointed data owner(s) as part of an approval workflow. The resources are also subject to regular user access reviews, also referred to as recertification.

Licensing and Apps

Further, roles in tenfold can be used to automatically assign users licenses and apps in Microsoft 365. Sometimes, users are deactivated before their licenses have been revoked. This is a problem which tenfold has found a solution to as well: the tenfold dashboard shows you right away whether there are any deactivated users who still hold a license.

Screenshot of the IAM software tenfold's user interface. It shows the screen where you can view details and memberships of individual users or groups.

Manage Exchange® Online

The Exchange® (Online) Mailbox Lifecycle Plugin automates the administrative tasks involved in managing Exchange Online mailboxes and reduces the time required for admins to complete joiner-mover-leaver processes. tenfold creates a new mailbox automatically with each Microsoft 365 license assignment.  If a person leaves the company for good, tenfold automatically archives or deletes that person’s Exchange Online mailbox. All changes are completely transparent and can be reconstructed anytime.

Exchange® Online Privileges

tenfold also makes it easier to manage privileges for Microsoft Exchange and Exchange Online. Privileges can be assigned to all types of mailboxes and mailbox folders. Through tenfold’s self-service, users can submit requests for privileges for shared mailboxes and public folders. Also, you can specify data owners and approval workflows for mailboxes.

tenfold furthermore provides a fantastic reporting feature for Exchange permissions. In the intuitive user interface, you can see right away who has access to a certain mailbox or mailbox folder, and which mailboxes, public folders or individual mailbox folders a specific user (or group) has access to. Active Directory and Azure AD-groups are automatically broken down into members and presented in a simple tree structure.

Screenshot of the IAM software tenfold's user interface showing Exchange permission reporting.

Microsoft Teams

With the Azure AD® plugin, you can manage and control memberships in MS Teams groups via tenfold. Again, you can use roles to assign users to teams or remove them again. In addition:

  • you can appoint data owners for teams via tenfold.

  • users can request team memberships (e.g. for project groups) via tenfold’s self-service.

  • data owners can approve such requests as part of an approval workflow.

Admission to the team is then done automatically. All changes to memberships are logged in tenfold and can be reproduced at any time. The tenfold dashboard also shows which guest users are members of internal teams.

Would you like to experience tenfold LIVE?

Sign up now for our product demo!
tenfold – Simple. Secure. Ready to go.