Microsoft Entra: secure identity & access management for your company
We implement and operate Microsoft Entra in full: Conditional Access, MFA, Privileged Identity Management and Entra ID Governance. As a Microsoft Solutions Partner for Security.
Why companies entrust us with their identity and access infrastructure.
Entra as a zero-trust foundation
We implement Microsoft Entra as the basis of your zero-trust strategy, aligned with Conditional Access, PIM and every other security layer of your environment.
01
Operational depth, not a one-off rollout
As a Solutions Partner for Security, we implement and operate Entra for Swiss SMEs: proven Conditional Access policies, PIM configurations and Entra ID Governance setups included.
02
Compliance as an integral part
We configure Entra so that data access is documented in a verifiable, audit-proof and FADP-compliant way, from the first user login to the administrator audit log.
03
Unser Microsoft Entra Portfolio auf einen Blick.
Conditional Access & MFA
Microsoft Entra ID is the central identity platform for all your applications. Conditional Access defines who can access and under what conditions. MFA, as the most effective single measure against account takeovers, is seamlessly integrated.
Privileged Identity Management
Entra PIM replaces permanently assigned administrator rights with a Just-in-Time model. Elevated permissions are only activated when truly needed, complete with an approval workflow and a comprehensive audit log.
Entra ID Governance
Entra ID Governance automates Access Reviews, lifecycle workflows, and entitlement management. When roles change or employees leave the company, access rights are automatically revoked.
Entra External ID
Secure guest user access for external employees, partners, and suppliers. Without additional accounts in your internal directory. You invite them, define their permissions, and retain control at all times.
As a leading institution for international arbitration and mediation proceedings, we require an IT infrastructure with the highest security and availability. Baggenstos provided us with a modern, Microsoft-based solution that is very well tailored to our needs.
Baggenstos is a Microsoft Solutions Partner for Security with expertise in Identity, Endpoint and Cloud Security. This specialisation is audited and confirmed by Microsoft every year.
Microsoft Solutions Partner for Security
Certified for Identity, Endpoint, and Cloud Security, including the «Cloud Security» specialization. Proven on real-world projects across the Microsoft security stack.
Microsoft Solutions Partner
Highest Microsoft Partner designation, re-certified annually. Baggenstos holds several Solutions Partner Designations.
Microsoft Solutions Partner for Security
Certified for Identity, Endpoint, and Cloud Security, including the «Cloud Security» specialization. Proven on real-world projects across the Microsoft security stack.
Microsoft Solutions Partner
Highest Microsoft Partner designation, re-certified annually. Baggenstos holds several Solutions Partner Designations.
Conditional Access: managing access securely and conveniently
Why Baggenstos Should Be Your Partner
60,000+
Microsoft 365 users in the Managed Service Program
1'000+
Cloud projects successfully implemented
Since 1925
100 years of continuity in family ownership
Holistic consulting
Identity and access management is not a single measure but part of your entire security strategy. We design zero-trust architectures that fit your operations.
Certified Microsoft excellence
As a Solutions Partner for Security, we implement Conditional Access, MFA and Privileged Identity Management at the level that Microsoft audits require.
Focus on security & compliance
Identity is the most important attack surface today. We secure it systematically: with Entra as the foundation, aligned with the FADP and industry requirements.
Guiding the change (change management)
Zero trust changes how employees access systems. We guide the introduction so that convenience is preserved and security increases.
Frequently Asked Questions, Honest Answers
What does Microsoft Entra cost as a managed service?
Microsoft Entra ID is part of most Microsoft 365 licences, with a different feature scope depending on the plan. Additional features such as Privileged Identity Management or Entra ID Governance require Entra ID P2. The operating costs depend on the size of your environment and the scope you want. In an initial consultation we clarify licensing and operating model together and set everything out contractually.
What changes for our users with the update to Microsoft Entra?
For end users little changes: login with password plus MFA still works, and Microsoft 365 apps stay the same. Entra becomes visible through the new logo at login. Concrete improvements: single sign-on for more apps, faster password resets and passwordless login via Authenticator. The terminology only changes for IT.
What is Microsoft Entra Conditional Access and how does it protect against unauthorised access?
Conditional Access checks several criteria before every login: Who is accessing, from which device, from which location, with what risk? Only when all conditions are met does Entra grant access. A login from an unknown country is blocked or forces additional verification. A stolen password alone becomes worthless.
What is the difference between Azure Active Directory (Azure AD) and Microsoft Entra ID?
Functionally there is no difference: Microsoft renamed Azure Active Directory to Entra ID in 2023. All features, licences and configurations remain identical. The renaming is part of the Entra product family, which additionally includes Conditional Access, Privileged Identity Management and Entra Permissions. You do not need to change anything.
How does Microsoft Entra improve security through Zero Trust principles?
Zero Trust means: trust no one, verify everything. Entra checks every access individually based on identity, device, location and risk, regardless of the user's location. MFA, Conditional Access and Privileged Identity Management form the foundation of the Zero Trust architecture and replace the old perimeter model.
Does Microsoft Entra also support the management of identities in multi-cloud environments?
Yes. Entra is not only for Microsoft 365 and Azure: you can also connect AWS, Google Cloud and SaaS applications such as Salesforce or ServiceNow centrally via Entra. SSO, MFA and Conditional Access work across platforms. Entra Permissions Management gives you an overview of permissions across Azure, AWS and GCP.
Can we keep using our existing Active Directory?
Yes. Microsoft Entra Connect synchronizes your on-premises Active Directory with Microsoft Entra ID. Existing user accounts, groups and password policies are retained and transferred into the cloud identity solution. The transition works step by step and without interruption to day-to-day business. In the long term, you can decide whether to keep the local AD or migrate fully to Entra ID.
