Overview
Led a comprehensive identity and access management modernization for a distributed organization operating across the U.S., India, and Brazil. The initiative addressed fragmented access controls, shared credentials, and inconsistent lifecycle management.
What Was Done
- Expanded SSO and implemented SCIM-based automated provisioning to reduce manual access administration
- Enforced company-wide MFA and deployed identity threat detection and response (IDTR)
- Transitioned teams away from shared user accounts to functional shared mailboxes
- Implemented dynamic security groups to reduce access drift
- Removed high-risk third-party and AI applications through tenant policy enforcement
- Established encrypted email controls and improved onboarding/offboarding security
Outcome
Significantly reduced manual access overhead, minimized lifecycle errors, and strengthened organizational security posture across all regions.
Stack
Microsoft Entra ID · M365 · SCIM · SSO · Microsoft Intune · Conditional Access