Phase 2: Identity

Phase 2: Identity

In Microsoft 365 Enterprise, a well-planned and executed identity infrastructure paves the way for stronger security and access to your productivity workloads and their data only by authenticated users and devices.

Watch this video for an overview of identity models and authentication for Microsoft 365 Enterprise.


If you’ve already deployed an identity infrastructure, please see the identity exit criteria to make sure that you meet the required and optional conditions for Microsoft 365 Enterprise.

For the identity features of each Microsoft 365 Enterprise plan, the role of Azure Active Directory (Azure AD), on-premises and cloud-based components, and the most common authentication configurations, see the Identity Infrastructure poster.

The Identity Infrastructure poster

This two-page poster is a quick way to ramp up on identity concepts and configurations for Microsoft 365 Enterprise.

You can also download this poster and print it in letter, legal, or tabloid (11 x 17) formats.

Plan and deploy your Microsoft 365 Enterprise identity infrastructure

Use the following steps to plan and deploy your new identity infrastructure in the cloud. You can also use these steps to adapt your existing on-premises or hybrid identity infrastructure to work with Microsoft 365 Enterprise.

Step 1 Create and protect your global admin accounts
Step 2 Secure your passwords
Step 3 Secure and manage your user sign-ins
Step 4 Add your user accounts
Step 5 Use groups for management
Step 6 Configure identity governance

When you've completed these steps, go to the exit criteria for this phase to ensure that you meet the required and optional conditions for Microsoft 365 Enterprise identity.

Identity and device access recommendations

Microsoft provides a set of recommendations for identity and device access to ensure a secure and productive workforce. For identity, use the recommendations and settings in the following articles along with the steps in this phase:

How Microsoft does Microsoft 365 Enterprise

Learn how IT experts at Microsoft manage identities and secure access.


This IT Showcase resource is only available in English.

How Contoso did Microsoft 365 Enterprise

See how the Contoso Corporation, a fictional but representative multi-national business, deployed a hybrid identity infrastructure for Microsoft 365 cloud services.

The Contoso Corporation

Next step

Step 1 Create and protect your global admin accounts