Managed Red Tenant

MyWorkID fills the gap where traditional solutions fall short, delivering precise access control. It offers controlled, self-service access under strict conditions, ensuring compliance and security while reducing administrative overhead. Whether it's password resets or user verification, MyWorkID enables your organization to act faster and more securely.

Block Risk at the Source

MyWorkID

MyWorkID fills the gap where traditional solutions fall short, delivering precise access control. It offers controlled, self-service access under strict conditions, ensuring compliance and security while reducing administrative overhead. Whether it's password resets or user verification, MyWorkID enables your organization to act faster and more securely.

Managed Red Tenant

MyWorkID empowers organizations to strengthen security while offering users greater flexibility in managing access and authentication. By integrating with Microsoft Entra ID, MyWorkID enables secure self-service solutions for handling compromised accounts, generating Temporary Access Passes (TAP), resetting passwords, and verifying user identities. Through the use of Conditional Access policies and authentication context, organizations can apply stringent security controls while allowing users to address risks in a controlled environment, ensuring both robust protection and a seamless user experience.

Microsofts Solutions

When a user is flagged by Microsoft Entra ID Protection or identified as compromised during an incident response, access to organizational resources must be swiftly restricted or blocked. Risk-based Conditional Access Policies are applied to prevent further unauthorized access by compromised identities.

To safeguard the organization, users must be isolated and blocked from accessing Entra ID-protected cloud applications until the risk is mitigated. Currently, remediation options within Microsoft Entra ID are limited to password changes or complete account blocks – solutions that may not align with organizations adopting passwordless authentication methods.

With MyWorkID integrated into Conditional Access Policy targeting, organizations can grant limited portal access to compromised users under controlled conditions. For example, users marked as risky can access the portal if their device remains compliant or if they have re-authenticated using strong authentication methods. This approach provides organizations with the flexibility to define robust, granular conditions for a self-service solution that allows users to address and resolve their risk status.

Microsofts Solutions

A user requires a Temporary Access Pass (TAP) for the onboarding of a new or replacement device.

Currently, Microsoft Entra ID lacks built-in self-service functionality that allows end-users to request a TAP. This means organizations must rely on a service desk or implement a custom solution to provide the TAP to users, adding complexity and administrative overhead.

With MyWorkID, end-users can generate a TAP through a self-service process. Given the sensitivity of this credential, granular and stringent conditions must be met to obtain a TAP. To enhance security, Authentication Context is supported, allowing Conditional Access Policies to be triggered during this critical user action, ensuring strong protection for the organization.

Microsofts Solutions

A user needs to reset their forgotten password. This situation may arise when users, who typically rely on passwordless authentication methods, occasionally need to access an application that only supports password-based authentication.

By default, Microsoft Entra ID offers limited scenarios for passwordless users to reset their passwords. Most commonly, Self-Service Password Reset (SSPR) is required, which provides only a restricted set of security policies and conditions that must be met for a password reset.

With MyWorkID, Conditional Access Policies can be enforced through Authentication Context to secure these sensitive user actions. For instance, a password change request can only be initiated through self-service if the user has no risk status, is using a compliant device, and has successfully passed strong authentication. This ensures greater control and security during the password reset process.

Microsofts Solutions

An employee is unable to use their work account for authentication (e.g., access has been blocked) or the organization needs to validate the authenticity of the account owner.

While Microsoft Entra offers verification capabilities using Verifiable Credentials ("Verified ID"), there is no integrated feature for employees to initiate a verification request on their own.

With MyWorkID, organizations can leverage Verified ID to conduct a liveness check and verify the authenticity of an employee. End-users can access the portal for verification, where they must undergo high-assurance verification via Face Check. This process strengthens security by matching a real-time selfie of the user with their Microsoft Entra ID account photo. The system securely stores a confidence score and timestamp within Microsoft Entra ID, which IT departments (e.g., SOC or Helpdesk) can access if they have permission to view the user's verification data. This feature adds a critical layer of trust and security to the user verification process.

Get access to our innovative MyWorkID solution. Leave us a message and get access to the Free Community Edition.
Thomas Naunheim
MyWorkID closes technology gaps and enhances the Microsoft portfolio by providing flexible, self-service solutions for access control. It is fully integrated into Microsoft Entra ID and supports advanced and secured authentication.
Thomas Naunheim Cyber Security Architect