Microsoft Entra ID Plan 2 is Microsoft’s cloud-based identity and access management (IAM) licence designed for advanced security and compliance. It builds on Entra ID Plan 1 by adding AI-driven Identity Protection (which proactively monitors and safeguards user identities), risk-based Conditional Access and advanced Privileged Identity Management (which protects user accounts with elevated permissions), enabling organisations to detect, prevent, and remediate compromised credentials automatically.
The platform adopts a Zero Trust approach, verifying every access request regardless of its origin.
Why Entra ID P2 Matters
Without P2, identity protection remains mostly reactive. Suspicious sign-ins may generate alerts, but IT teams must investigate each one manually. During that time, attackers can continue accessing sensitive information while teams work to connect fragmented signals.
Entra ID P2 changes this dynamic by continuously monitoring every sign-in and access request, scoring identity risk in real time, and applying automated remediation instantly.
For example, if a user signs in from an unusual location on an unfamiliar device, P2 can immediately enforce MFA or block access, and notify IT, all without human intervention. This reduces the window attackers have to operate while keeping disruption low for legitimate users.
Key Features of Entra ID P2
Entra ID P2 equips businesses with the tools needed to control access and strengthen overall security. These tools include:
1. Advanced Identity Protection
P2 uses machine learning to detect risky sign-ins and unusual behaviour patterns in real time. It can automatically respond by challenging access via MFA, blocking access, or alerting IT, helping to stop threats before they escalate.
2. Risk-based Conditional Access
Risk-based Conditional Access policies allow businesses to choose the conditions under which access to resources is granted. Entra ID Protection analyses signals about user accounts and calculates a risk score based on the probability that the user is compromised. If a user shows risky sign-in behaviour, or their credentials were leaked, ID Protection uses these signals to calculate the user risk level.
Administrators can configure risk-based Conditional Access policies to enforce access controls based on user risk. This ensures only trusted users on secure devices can access critical systems.
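The sketch below is an added example, not code from Microsoft or Tivarri. It builds request bodies for the Microsoft Graph `conditionalAccessPolicy` resource keyed on user risk and sign-in risk, then lints them for two common misconfigurations. The function names, the report-only starting state and the emergency-access account ID are assumptions made for illustration.

```python
import json

# Placeholder object ID for an emergency-access ("break-glass") account (assumption).
BREAK_GLASS_ID = "00000000-0000-0000-0000-000000000000"

def build_risk_policy(kind, levels, controls, operator="OR"):
    """Return a Graph conditionalAccessPolicy body; kind is 'user' or 'signIn'."""
    if kind not in ("user", "signIn"):
        raise ValueError("kind must be 'user' or 'signIn'")
    return {
        "displayName": f"Risk-based: {kind} risk {'/'.join(levels)}",
        # Report-only first, so the impact can be reviewed before enforcing.
        "state": "enabledForReportingButNotEnforced",
        "conditions": {
            "users": {"includeUsers": ["All"], "excludeUsers": [BREAK_GLASS_ID]},
            "applications": {"includeApplications": ["All"]},
            f"{kind}RiskLevels": list(levels),  # userRiskLevels / signInRiskLevels
        },
        "grantControls": {"operator": operator, "builtInControls": list(controls)},
    }

def lint_policy(policy):
    """Return a list of findings; an empty list means no issue was detected."""
    findings = []
    cond, grant = policy["conditions"], policy["grantControls"]
    controls = grant["builtInControls"]
    if not cond.get("userRiskLevels") and not cond.get("signInRiskLevels"):
        findings.append("no risk condition: policy is not risk-based")
    users = cond["users"]
    if "All" in users.get("includeUsers", []) and not users.get("excludeUsers"):
        findings.append("targets all users with no emergency-access exclusion")
    if "passwordChange" in controls:
        # Documented restriction: password change is paired with MFA (AND)
        # and the policy is assigned to all cloud apps.
        if "mfa" not in controls or grant["operator"] != "AND":
            findings.append("passwordChange must be combined with mfa using AND")
        if cond["applications"].get("includeApplications") != ["All"]:
            findings.append("passwordChange requires all cloud apps in scope")
    return findings

# Constructed sample policies: one per risk type.
USER_RISK = build_risk_policy("user", ["high"], ["mfa", "passwordChange"], "AND")
SIGNIN_RISK = build_risk_policy("signIn", ["medium", "high"], ["mfa"])

if __name__ == "__main__":
    for p in (USER_RISK, SIGNIN_RISK):
        print(json.dumps(p, indent=2))
        print("findings:", lint_policy(p) or "none")
```

The resulting bodies are what would be sent to `POST /identity/conditionalAccess/policies`; authentication and the HTTP call are left out so the example runs offline.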
3. Analytics and Reporting
Entra ID P2 provides advanced reporting and visibility that allows IT teams to closely monitor user activity, authentication patterns, risky sign-ins, and emerging security threats, helping them detect problems earlier and respond faster to incidents. With Microsoft Entra ID Free, organisations typically have access to only about seven days of audit and sign-in logs, which can severely limit investigations. With P2, audit and sign-in log retention extends to 30 days, while risky sign-in history is retained for up to 90 days. This expanded visibility gives teams a far broader window to review historical activity, trace suspicious behaviour, and uncover issues that might otherwise be missed.
Get in touch
For organisations that want enterprise-grade identity protection without upgrading to a full E5 licence, Tivarri offers Entra P2 as an add-on, giving businesses the tools to operate securely, efficiently, and confidently.
Get in touch with Tivarri today at [email protected] or call 0207 837 8031 to get started.
