Discover how organizations like Pearson are modernizing identity governance with Microsoft Entra. Learn how automation, HR integrations, and lifecycle workflows reduce administrative burden, enhance compliance, and elevate employee experience.
Identity isn’t just the new control plane– it’s the foundation for security, compliance, and productivity. This article summarizes lessons from our recent Entra Identity Governance webinar featuring Microsoft’s David Branscome and Pearson’s Tim Brantner, offering insights for organizations modernizing their identity and access strategy.
If you missed it, you can access the full recording in our Events OnDemand library.
library.Complexity, Compliance, and the Human Factor
Manual identity management is slow, error-prone, and a compliance risk. IT teams often juggle scripts, logs, and spreadsheets while hoping nothing slips through the cracks.
At Pearson, a legacy IAM system could no longer keep pace with a global, digital-first workforce.
“We’re transitioning into a digital software company in a very short amount of time, but we can’t do that without a strong foundation of identity and access,”
— Tim Brantner (Senior Director of Identity and Access Management, Pearson)
When accounts remain active after offboarding, or access is delayed for new hires, security and productivity both suffer.
Automating the Joiner–Mover–Leaver Lifecycle
Microsoft Entra Identity Governance automates the entire identity lifecycle– from onboarding to offboarding, through policy-driven workflows and HR integrations.
Key Capabilities:
- Joiner–Mover–Leaver (JML) Automation: Automate provisioning, updates, and deprovisioning using custom workflows triggered by HR events.
- Self-Service Access Requests: Empower users to request resources with automated approval and alerting.
- Access Recertification: Ensure users only retain access they truly need.
- HR System Integration: Connect Entra to HRIS platforms like Workday or SuccessFactors for a single source of truth.
“Identity has become the new control plane for security. Automated provisioning isn’t just about efficiency—it’s essential for reducing risk and ensuring compliance.”
— David Branscome (Security Architect, Microsoft)
Technologies Behind Entra Identity Governance
Successful implementations combine automation, analytics, and integration across several Microsoft technologies:
Core Components
- HRIS Integrations: Connect Entra with Workday, SuccessFactors, or other HR systems via API.
- Lifecycle Workflows: Use Azure Logic Apps to orchestrate joiner/mover/leaver actions.
Entitlement Management
Modern identity governance extends beyond provisioning—it’s about managing access dynamically and intelligently.
- Dynamic Groups: Automate group licensing and membership based on user attributes, eliminating manual updates.
- Self-Service Access Packages: Let users request access with built-in approvals and expiration policies.
- Access Reviews: Use machine learning insights to recertify permissions, supporting least-privilege access with less admin effort.
Supporting Tools
- Single Sign-On (SSO): Centralize authentication for SaaS and on-prem apps.
- Audit and Reporting: Gain visibility into B2B, privileged, and workload identities.
- Security Integrations: Connect identity logs with Microsoft Sentinel or Defender for Cloud for threat detection.
Real-World Impact: Pearson’s Transformation
Pearson’s modernization journey with eGroup & Microsoft Entra Identity Governance demonstrates tangible outcomes:
- Administrative Burden Reduced: Automated workflows replaced manual tasks, cutting support tickets.
- Compliance Simplified: Entra reporting streamlined audits and improved evidence collection.
- Employee Experience Elevated: Delegated access control empowered managers and users.
- Security Strengthened: Passwordless authentication and dynamic access policies improved protection.
“We’re already seeing measurable benefits: reduced support tickets, improved audit readiness, and empowered managers.”
— Tim Brantner (Senior Director of Identity and Access Management, Pearson)
Explore more outcomes in the Pearson Case Study
What’s New & Next in Entra Identity Governance
Microsoft continues to evolve Entra capabilities, including:
- Insider risk-based conditional access
- On-premises password remediation
- Microsoft-managed conditional access policies
- TLS inspection for Entra Internet Access
- Conditional Access Optimization Agent for Security Copilot
- Passkey integration and DLP controls for network traffic
Lessons Learned and Best Practices
Successful identity modernization isn’t just about technology—it’s about partnership, enablement, and agility.
Key lessons from Pearson and eGroup:
- Engage business units early, especially HR and compliance.
- Use agile, iterative approaches to prove value through quick wins.
- Select experienced partners who provide realistic guidance—not just theory.
Final Thoughts: Identity as a Platform for Innovation
While Entra Identity Governance is an add-on SKU, its ROI is significant for organizations seeking to simplify IAM, improve compliance, and enhance user experience.
As Pearson found, success begins with clarity:
“eGroup’s experience and honesty about Entra jumped out to us early on. You were clear about what it can do, and what it can’t. That made a difference in how we built our roadmap.”
— Tim Brantner (Senior Director of Identity and Access Management, Pearson)
Identity is no longer just a security measure—it’s the foundation for transformation.
Strengthen Your Identity Strategy with Expert Guidance
Modernize your identity governance approach and unlock operational efficiency, compliance confidence, and user empowerment. Learn how eGroup can help your organization streamline IAM with Microsoft Entra solutions.
