Connect With Us:

Identity & Access Management

sIdentity & Access Management

Identity & Access Management

Centralized operation and continuous maintenance of Active Directory and Azure AD for secure user management, clear authorization structures and controlled access to IT systems.

Target Group

Companies and public institutions with on-premises or cloud-based directory services that want to professionally manage users, access and security policies – from mid-sized businesses to enterprise organizations.

Challenges

Unstructured user and permission management, missing security policies and manual processes lead to security risks, compliance issues and high administrative effort. Clear processes for employee onboarding, role changes and offboarding are often lacking.

Scope of Services

  • Operation of Active Directory and Azure AD
  • User, group and role management
  • Implementation of authorization and role concepts
  • Group Policy management (GPO / Cloud Policies)
  • Setup and operation of MFA
  • Conditional Access rules
  • Integration of applications with SSO
  • Monitoring of directory services
  • Incident and problem management
  • Regular access reviews
  • Service reporting

Service-Level (SLA)

  • Directory service availability up to 99,9 %
  • Response time for critical authentication incidents: ≤ 30 minutes
  • Response time for standard requests (e.g. user creation): ≤ 1 business day
  • Support hours: weekdays 8–18, optional 24/7
  • Regular security and compliance reports

Technical Components

  • Microsoft Active Directory
  • Azure Entra ID
  • Azure AD Connect / Cloud Sync
  • MFA and Conditional Access modules
  • Privileged Identity Management (optional)
  • Ticket and ITSM system

Customer Benefits

  • Secure and traceable access control
  • Faster user provisioning
  • Reduced security risks
  • Compliance-aligned authorization structures
  • Relief for internal IT administrators
  • Scalability with company growth

Extension Options

  • Privileged Access Management (PAM)
  • Identity Governance & Lifecycle Automation
  • Self-Service portals for user requests
  • Zero-Trust and security workshops
  • Integration of non-Microsoft directory services
  • Recertification workflows

Pricing Model

  • Monthly flat rate per user or per directory instance
  • Tiered pricing based on number of users
  • Additional modules (PAM, 24/7, automation) separately charged

Onboarding & Implementation

  • Analysis of the existing directory structure
  • Definition of role and authorization concepts
  • Setup of policies, MFA and Conditional Access
  • Establishment of provisioning processes
  • Transition into regular operations
  • Documentation and knowledge transfer

Managed IT-Services “Made in Germany”: projekte@ang.de