What an ID Governance Consultant Wishes You Knew About Entra

Identity Governance is often treated as a “nice-to-have” compliance checkbox, but as ID Governance expert Sandra Saluti reveals, it is actually the foundation of a secure, scalable environment. In this technical deep dive, we move past the marketing slides to discuss some of the common real-world “gotchas” that break Entra ID deployments.In this episode, you will learn:* The Golden Rule of Automation: Why you must stop using “presentation data” (like UPNs or Email addresses) as your anchor. We explain why the Object ID is the only immutable truth for your automation.* The “Marriage Bug”: A cautionary tale of how a simple name change can break hybrid joins and lead to accidental laptop wipes and how to prevent it.* The “Unsexy” Side of Governance: Why the most important part of your job isn’t writing PowerShell, but interviewing HR and stakeholders to map out process flow diagrams before you ever touch the portal.* Closing the “Rehire Gap”: How to solve the common crisis where contractors lose access for 48 hours during a renewal because of lifecycle synchronization delays.* Directory Extensions vs. Exchange Attributes: Technical advice on where to store your identity metadata for the most reliable governance.Sponsored by:Entra ID Gaps That Cause OutagesIn Microsoft Entra ID, outages often start small: an expired client secret, a lapsed certificate, or a suddenly failing integration. Traditional controls don’t track credential expiry or enforce application ownership, so issues appear only after something breaks.Teams are left asking:* Which applications can access Microsoft 365 data?* Is that access still appropriate?* Who owns the app?Unclear answers stall reviews, weaken accountability, and slow delivery.ENow App Governance Accelerator closes these gaps by highlighting expiring credentials, surfacing permission risks, and identifying ownership gaps before they disrupt operations. New Standard Tier pricing makes it accessible for organizations under 10,000 users, typically $3,500–$9,500 annually.Subscribe with your favorite podcast player or watch on YouTube 👇About Sandra SalutiSandra Saluti is a consultant at Epical working with Microsoft Entra ID and identity governance. She helps organisations design secure and practical identity solutions with a focus on governance, access management, and Zero Trust.LinkedIn - https://www.linkedin.com/in/sandra-saluti-6866a686/🔗 Related Links* Sandra’s Blog - https://agderinthe.cloud/author/sandra/ 📗 Chapters00:00 Welcome to Entra Chat 03:18 Explaining Identity Governance 08:51 Handling Late Hires and Rehires 11:25 Using Directory Extensions Effectively 18:50 Stop Targeting UPNs for Automation 25:18 Managing Chaos with Guest Access Reviews 30:56 Deciding Who Approves App Access 33:51 Replacing Nested Groups with Access Packages 39:29 Closing Thoughts and CommunityPodcast Apps🎙️ Entra.Chat - https://entra.chat🎧 Apple Podcast → https://entra.chat/apple📺 YouTube → https://entra.chat/youtube📺 Spotify → https://entra.chat/spotify🎧 Overcast → https://entra.chat/overcast🎧 Pocketcast → https://entra.chat/pocketcast🎧 Others → https://entra.chat/rssMerill’s socials📺 YouTube → youtube.com/@merillx👔 LinkedIn → linkedin.com/in/merill🐤 Twitter → twitter.com/merill🕺 TikTok → tiktok.com/@merillf🦋 Bluesky → bsky.app/profile/merill.net🐘 Mastodon → infosec.exchange/@merill🧵 Threads → threads.net/@merillf🤖 GitHub → github.com/merill Get full access to Entra.News - Your weekly dose of Microsoft Entra at entra.news/subscribe