In the realm of choosing technology for your companies’ Cloud, SaaS, or IaaS solution providers, we often rely on a select few providers since they tend to meet most of our requirements. A classic example is Microsoft, being one of the most prominent players in the industry, which offers a range of services that have become crucial components for many organisations.
When a company has an on-premises Domain Controller, you might be looking at options such as Azure AD while exploring ideas to move Active Directory to the Cloud. While we look at Azure AD, we will come across offering such as Microsoft 365 E5 licensing. Microsoft 365 E5 is a cloud-based suite of Microsoft 365 productivity apps combined with advanced voice, analytics, security, and compliance services all into one suite. I have seen most companies choosing this option along with email Exchange and it is clearly a no-brainer when choosing these offerings.
However, when organisations choose to put all their eggs in one basket, they are entrusting a single provider for critical services like Microsoft Azure Active Directory (AD), Exchange, SSO and Microsoft 365, they may inadvertently expose themselves to significant risks.
I will explore a few potential dangers of such an approach and provide insights through real-life examples.