Digital Identity is Broken: How Entra External ID Fixes the Trust Gap

Season 2 Published 1 month ago
Description
Identity used to be simple. Employees logged into corporate systems from managed devices inside a controlled network perimeter. Security teams built walls, directories stored accounts, and trust lived inside one organization. That world no longer exists. Today, customers move across apps and devices constantly. Partners collaborate across tenants. Contractors join and leave projects every week. AI agents and automated workflows request access without ever touching the traditional sign-in path older identity systems were designed for. Yet most identity architectures still behave like everything happens inside a border. That mismatch creates one of the biggest hidden operational problems in modern business: the trust gap. In this episode of the M365 FM Podcast, Mirko Peters breaks down why identity is no longer just an authentication problem. It is now a business growth problem, a customer experience problem, a governance problem, and increasingly, a digital trust problem.

THE DEATH OF THE PERIMETER

Most identity systems still rely on rebuilding trust from scratch inside every application, every onboarding flow, and every partner portal. Every time a customer registers again, every time a contractor creates another account, and every time a partner has to manually prove the same information twice, organizations create friction, duplicate data, and larger attack surfaces. The costs are massive. Research continues to show that complicated registration processes directly reduce conversion rates. Password problems still overwhelm support teams. Centralized identity silos create larger breach targets while slowing users down at the exact moment businesses want faster onboarding and smoother digital experiences. This episode explores why identity can no longer be treated as a static account sitting in a directory. Instead, the future moves toward portable trust.

WHY PORTABLE IDENTITY CHANGES EVERYTHING

Mirko explains the shift from account-centric identity to claim-centric identity. Rather than asking whether an organization owns an account record for a person, the better question becomes: What does this user, partner, customer, or system need to prove right now? That shift changes everything. The discussion covers how passkeys accelerated this transformation by replacing shared secrets with stronger proof tied to users and devices. Microsoft’s reported improvements in login speed and success rates demonstrate that stronger security and lower friction no longer need to compete against each other. The episode also explains why decentralized identity is often misunderstood inside enterprises. Decentralized identity does not mean the end of governance or enterprise control. It means trust becomes portable, verifiable, and policy-driven rather than dependent on one giant central identity store holding every attribute forever.

WHERE ENTRA EXTERNAL ID FITS

Mirko breaks down the architectural distinction many executives confuse. Entra External ID acts as the orchestration and governance layer for customer and partner identity journeys. Verified ID provides portable proof through verifiable credentials. Together, they create a hybrid model where organizations can modernize external identity without immediately abandoning every traditional CIAM pattern they already rely on.

The episode also dives deep into the practical realities of migration from Azure AD B2C, including:
  • Just-in-time password migration
  • Modern Graph-centered architecture
  • Federation and lifecycle control

Beyond architecture, this conversation focuses heavily on business impact. Identity friction directly affects customer conversion rates, support ticket volumes, partner onboarding speed, fraud exposure, operational costs, and product release timelines.

GOVERNANCE, RISK, AND DIGITAL SOVEREIGNTY

Technology alone does not solve the