Microsoft issued a 19-page report, titled ‘The state of apps by Microsoft identity 2020’. In this document, Microsoft shares it analysis of enterprise cloud app usage. It shows how and what applications organizations are securing with Azure AD. It also shares insights into how app usage shifted in 2020 compared to the years prior.

Note:
In its analysis, Microsoft looked at organizations’ application usage within the Azure AD App Gallery, excluding Microsoft applications such as Azure, Dynamics, Office 365, and Teams. The report includes data from December 31st, 2018 to December 31st, 2020.

About the Azure AD App Gallery

Microsoft’s Azure AD App Gallery enables organizations to quickly secure and manage apps of all types. It includes thousands of pre-integrated apps. Microsoft sees organizations of all sizes integrate all their apps with Azure AD to give their workforce a more convenient and secure experience.

Organizations adopt cloud apps

2020 has changed the way people work. People rely more heavily on cloud apps to get work done. This is a longer term change, and you may expect this trend to continue past 2020. Organizations cite security and remote work as the main reasons for cloud adoption.

Organizations are increasingly using Azure AD to connect with apps

The number of monthly active users of Azure AD App Gallery apps has increased 109% year-over-year in 2020; It more than doubled on the number of people authenticating through Azure AD to third-party applications.

Okta still holds the crown when it comes to ease of onboarding apps. It’s safe to say that Azure AD has made it sufficiently easy to connect apps to Azure AD, whether these apps are feature-federated (federated with provisioning), federated or merely password-vaulted.

As an added benefit, organizations using Azure AD this way find themselves well on the 2021 path of zero trust.

More organizations now use Multi-Factor Authentication

The pandemic has both accelerated digital transformation timelines and increased the need for advanced security that organizations can rely on to provide secure access to their users wherever they may be working.

Azure AD offers its own built-in multi-factor authentication service (Azure MFA), but also allows organizations to use third party multi-factor services, like RSA, DUO and Trusona. Organizations using AD FS to redirect Azure AD authentication requests to their own implementations may also use their own multi-factor authentication implementation.

There's a multi-factor authentication solution for virtually every organization scenario. No wonder the use of multi-factor authentication (MFA) with Azure AD has grown 150% year-over-year.

Microsoft is a team player

Looking at the top 15 apps, it is apparent that Microsoft is a team player in the cloud. Google Cloud / Google Workspace (Rising to position 2 from position 3 in 2019 and 2018), Zoom (Position 5, with no ranking in previous years) and Salesforce (Position 8, previously on positions 5 and 6) may all be considered rivals to Microsoft in certain ways. However, everything is done to make sure Azure AD acts as the unified identity gateway for organizations.

ServiceNow continues to lead in monthly active users for the third year in a row.

Comparing the most popular apps by monthly active users with the most popular apps by number of organizations shows a similar picture. In this case, Zoom ranks on position 1 due to the increased video conferencing needs organizations have since 2020. Travel expense app SAP Concur, on the other hand, now no longer ranks as part of the Top 15 apps by number of organizations, mostly due to 2020’s travel restrictions.

Many organizations didn’t even bother anymore setting up and/or exposing their AD FS implementations during the first lockdowns in March 2020. When on-premises apps can be published with Azure AD using the Azure AD Application Proxy (up 100% year-over-year) or any of the third-party solutions (Citrix ADC, Palo Alto Networks Prisma Access, and Zscaler Private Access), why would they?

Microsoft has a lot of data on its customers

While all the information in the report is pseudonymized, the staggering amount of information shared shows how much data Microsoft has on its customers. Even when Azure AD merely acts as an identity broker (the setup where an organization redirects authentication requests from Azure AD to its own federation implementation), its cloud services know what identity data we exchange with the apps we use. When organizations use Azure AD as their identity provider, Microsoft knows all.

Organizations might want to review Active Directory, AD FS and Azure AD in terms of Data Privacy and update their data privacy impact assessments (DPIAs) accordingly.