Amid a wave of attacks aimed at bypassing MFA, exploiting support processes, or compromising identities through AI, RSA announced RSA® ID Plus for Microsoft, a new category of solutions designed to add an advanced security layer over Microsoft Entra ID.
The first product, RSA ID Plus M1, is now available in Microsoft Azure Marketplace and is specifically targeted at high-security sectors — banking, healthcare, government, energy, critical infrastructure — that need to protect assets that Entra ID alone cannot fully cover, especially in legacy, OT, on-premises, or offline environments.
The solution does not replace Microsoft: it works in conjunction with Entra ID Plan 1 and Plan 2, closing security gaps without adding complexity.
A reinforcement for Entra ID in scenarios that Microsoft doesn’t fully cover
RSA defines ID Plus M1 as an additional layer to reach “where Entra doesn’t reach.” Here are its key capabilities:
1) Protection beyond the Microsoft ecosystem
ID Plus M1 extends modern MFA and passwordless to:
- Data centers and mainframes.
- OT systems and critical infrastructure.
- macOS and devices with Active Directory.
- Windows devices joined to Entra (Entra-joined) including legacy OS versions.
- Web servers and systems not integrated with Azure AD / Entra ID.
For organizations with legacy systems, specialized hardware, or applications that can’t be migrated quickly, this offers unified coverage without the need to redesign the entire architecture.
2) High Availability in hybrid setups and offline protection
The key differentiator for RSA is its Hybrid HA architecture, combined with offline capabilities, ensuring that:
- On-premises resources remain protected even if cloud services are interrupted.
- Laptops outside the network retain MFA and secure access even if they can’t connect to Azure or other services.
This approach is designed for 24/7 operations: hospitals, power plants, banks, public agencies, or critical infrastructure where outages could have serious consequences.
3) Defense against MFA-bypassing attacks
Increasingly, intrusions no longer aim to break MFA but to circumvent it by exploiting:
- Unprepared help desks.
- Weak onboarding processes.
- Password resets with minimal verification.
ID Plus M1 introduces Help Desk Live Verify, a patent pending technology capable of verifying user identity through phishing-resistant, passwordless authentication, blocking attacks that target support personnel or exploit human process vulnerabilities.
4) Native integration with Microsoft Entra
The product is designed to operate alongside Entra ID, not replace it.
RSA and Microsoft bring, according to the company, a “layered security” approach, where:
- Microsoft provides the global cloud scale,
- and RSA offers deep identity expertise, especially in regulated sectors.
A key move for high-security industries
RSA is transparent about the product’s focus: sensitive infrastructures require security that does not rely solely on the cloud or a single provider.
“High-security sectors have unique infrastructures that demand specialized expertise to operate and defend against emerging threats,” said Greg Nelson, CEO of RSA.
“ID Plus for Microsoft enables banks, hospitals, government agencies, and power plants to deploy modern security without compromising resilience.”
“The extraordinary risks faced by the financial, healthcare, energy, and other regulated industries require extraordinary capabilities,” added Laura Marx, Chief Marketing & Growth Officer. “The combined strength of Microsoft and RSA gives clients the scale and deep security needed to counter threats driven by AI.”
The message is clear: AI + weak identities = an explosive attack surface.
RSA’s goal is to strengthen that weak point even when Entra is properly configured.
Availability and adoption model
- RSA ID Plus M1 is now available in Azure Marketplace.
- F5 BIG-IP customers… (correction) → In this case, interested clients can request a demo at Microsoft Ignite (booth #1826R) during the announcement week.
- RSA provides additional resources such as datasheets, integration guides, and documentation for Help Desk Live Verify and Hybrid Failover.
Why this solution could set a trend
The move aligns with broader industry shifts: identity no longer resides solely in the cloud, and hybrid environments require strong, resilient authentication regardless of:
- whether the device is inside or outside the network,
- whether the system is Windows, macOS, or a mainframe,
- whether the user is connected to Azure, on-premises, or offline,
- or if attackers use AI tools to automate social engineering or onboarding attacks.
RSA ID Plus M1 positions itself in that middle ground where companies need the best of the cloud combined with robust guarantees for legacy systems supporting critical operations.
Frequently Asked Questions
Does RSA ID Plus M1 replace Microsoft Entra ID?
No. It is designed to extend it, providing security where Entra can’t easily deploy MFA or passwordless, especially legacy systems, OT, and critical servers.
How does Help Desk Live Verify differ from traditional MFA?
Live Verify verifies identity in a passwordless, phishing-resistant way, even during onboarding and support, avoiding social engineering attacks, which are among the most common MFA bypass methods.
How does ID Plus M1 protect resources when cloud connectivity is interrupted?
The Hybrid HA + offline capabilities architecture enables identity validation and access protection in on-premises and offline laptops, even if Azure or other cloud services are temporarily unavailable.
Which sectors benefit most from this solution?
Banking, healthcare, energy, public administration, and critical infrastructure, where operational continuity is vital and where modern and legacy systems often coexist, requiring unified security.
Source
RSA — RSA Announces New Solution to Enhance Security for Microsoft Entra ID (13/11/2025).