Microsoft, RSA Make Identity Security Push in the Age of AI -- Campus Technology

Cybersecurity

Microsoft, RSA Make Identity Security Push in the Age of AI

By Chris Paoli
04/06/26

Two of the bigger authentication announcements to come out of the recent RSA Conference both point in the same direction: Organizations need a more flexible, unified approach to identity security, especially as AI agents start acting alongside human workers.

Microsoft used the occasion to push its external multi-factor authentication (MFA) support in Microsoft Entra ID to general availability, while RSA Security announced an expanded partnership with Microsoft built around securing what it calls the "AI workforce."

Entra External MFA Hits GA

Microsoft's external MFA feature, is now generally available in Microsoft Entra ID, the company announced at this year's show. The capability lets orgs plug third-party MFA providers directly into Entra ID without having to abandon their existing authentication infrastructure or sacrifice Microsoft's Conditional Access policies.

The move is significant for enterprises that have invested in specialized MFA solutions to meet regulatory requirements, handle the complexity of mergers and acquisitions or operate across environments where Microsoft's native MFA options aren't a fit. Built on the OpenID Connect (OIDC) standard, external MFA works within the same admin console as Microsoft's native methods, giving IT teams a single pane of glass for all authentication management.

Sign-ins using external MFA still pass through full policy evaluation, including real-time risk assessment. Microsoft said administrators can align authentication prompts with business objectives through sign-in frequency and session controls, but cautioned that overly aggressive reauthentication can actually increase phishing risk by conditioning users to approve prompts without scrutiny.

Microsoft's research has pointed towards a stronger push for broader MFA adoption. The company's data shows MFA reduces the risk of account compromise by more than 99%. The external MFA feature extends that protection to organizations whose authentication stack sits outside Microsoft's native ecosystem.

RSA Moves to Secure the AI Workforce

RSA Security's announcement is tied to Microsoft's newly launched Microsoft 365 E7: The Frontier Suite, which bundles Microsoft 365 productivity tools, Microsoft Copilot, Entra identity services and Agent 365, a governance platform for AI agents. RSA is positioning its ID Plus for Microsoft offering as the identity trust layer that sits on top of that platform.

The pitch is straightforward but increasingly urgent: as AI agents begin executing automated workflows, accessing sensitive data, and operating with privileged access inside enterprise systems, identity governance can't stop at human users. Research shows non-human identities already outnumber human users by a factor of 17.

RSA's identity trust layer for the E7 suite covers three areas: high-assurance, phishing-resistant authentication for human users; risk intelligence that evaluates contextual signals to flag suspicious access attempts; and secure access controls for privileged operations as AI agents take on more autonomous tasks.

The company also confirmed it is available as an external MFA provider through Microsoft Entra's newly GA'd framework, meaning organizations can deploy RSA authentication through the external MFA integration directly within Entra configurations.

What It Means for IT Pros

For admins running hybrid environments with legacy MFA investments, the Entra external MFA GA opens a cleaner migration path than the previous Custom Controls approach it replaces. The September 2026 deprecation deadline for Custom Controls means planning should start now.

On the RSA side, the E7 integration story is more forward-looking — AI agents as enterprise workers is still an emerging model, but it's arriving fast enough that identity teams would be wise to get ahead of it. Gartner has predicted 33% of enterprise applications will include agentic AI by 2028, up from less than 1% in 2024. The security frameworks to govern those agents, including consistent identity controls that mirror what's already applied to human users, are going to be a core IT challenge in the near term.

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.

E-Mail this page

Printable Format

Featured

New Agentic AI Tool Analyzes Oracle Fusion and Workday Releases
Ransomware Attacks Plateau in Education Sector, While Third-Party Risks Loom Large

In 2025, ransomware attacks across the globe increased by 32% — but in the education sector, attacks appeared to plateau, according to the latest research from Comparitech.
OpenAI Adds Interactive Math and Science Learning Tools to ChatGPT

A new ChatGPT feature guides learners through math and science topics by showing how formulas, variables, and relationships behave in real time.
Apple and Google Strike AI Deal to Bring Gemini Models to Siri

Apple and Google announced they have embarked on a multiyear partnership that will put Google's Gemini models and cloud technology at the core of the next generation of Apple Foundation Models, a move that could help Apple accelerate long-promised upgrades to Siri while handing Google a high-profile distribution win on the iPhone.