[MUSIC PLAYING] So some common misconceptions that I see people have about identity modernization is thinking they need to do everything in one go, because it doesn't need to be a big bang approach. You can start small.
Modernization has three different pillars from identity. It could be app modernization, user identity modernization, and devices modernization. So you can move them from being all on-prem to the cloud. So devices join from the Active Directory. You can move them to being Entra joined. So you do the cloud bit. You have identity of users that could be being provisioned on-prem. You can slowly start moving them over to the cloud.
And the same way is for apps as well. You can move away from Kerberos and NTLM and all those legacy protocols, which all require VPN. You move to modern protocols like OAuth and OpenID Connect and SAML so that you can apply a lot of the security controls, like conditional access in Entra to modernize those.
So there are lots of different journeys that you can take and you don't need to do all of them in one go. You can just do them a little bit at a time, especially when it comes to things like procurement. It's not even technology related. You just put in a business process that says, stop buying applications that are on-prem-based applications that use NTLM and Kerberos. So that's a good journey to get started on.
The biggest challenges that I see people facing are when it comes to applications. They are really big, because it could be a company that has 2,000 apps or 3,000, or it could be a few apps, but that are used across the board by the entire company. So switching over those apps from a legacy protocol to Entra ID and the cloud-based authentication will take time.
Sometimes they need to upgrade the app. They need to sometimes even move to an entirely new application, because the legacy app is no longer being built. They were just running it on its last legs. So the part of app modernization is what usually takes the longest.