Top 8 Identity & Access Management Challenges with Your Saas Application
Download your SaaS IAM whitepaper from Okta. Okta-IAM_SaaS_Challenges_Top_8
Tag Archive for: saas
Top Six Things to Consider with an Identity-as-a-Service (IDaaS) Solution – Blog 5 of 6
5. Robust Access Policies and Multi-factor Authentication (MFA)
Today you live with the risks of users accessing many more services outside the corporate network perimeter as well as users carrying many more devices to access these services. Users have too many passwords and the passwords are inherently weak. In fact passwords have become more of an impediment to users than they are protection from hackers and other malevolent individuals and organizations. In short, in many cases, passwords alone cannot be trusted to properly and securely identify users.
Consequently, you need a better solution that incorporates strong authentication and one that delivers a common multi-factor experience across all your apps — SaaS, cloud, mobile, and onpremises. The solution also needs to have access policies that take into account the complete context of the access request and helps to overcome these new security risks. In addition, you need the capability to establish flexible access policies for each app for more granular and adaptive control. For example, if a user is accessing a common app from a trusted device on the corporate network from his home country during business hours ,then simply allow him silent SSO access to the apps. But if that same user is accessing an app outside the corporate network from a device that is not trusted, outside of business hours, and from a foreign country then deny them access — or at least require additional factors of authentication.
Specifically, you need an IDaaS solution that ensures security authentication by combining multi-factor authentication (MFA) and rich, flexible per-app authentication policies.
Multifactor authentication methods should include at least:
• Soft token with one-button authentication to simplify the experience
• One Time Passcode (OTP) over SMS text or email
• Interactive Phone Call to the user’s mobile device and requirement for a confirmation before authentication can proceed
• User configurable security question to act as a second password
Per-app authentication policies should allow, deny or step up authentication based on a rich understanding of the context of the request based on any combination of:
• Time of day, work hours
• Inside/Outside corporate network
• User role or attributes
• Device attributes (type, management status)
• Location of request or location of user’s other devices
• App client attributes
• Custom logic based on specific organizational needs
We have the coolest security technology partners!
Recent press supports our direction on selecting leading edge security technology partners. Not long ago, NetWitness found the most invasive Netbot in recent history.
Now our cloud-based monitoring solution partner, Alert Logic, discovered a serious bug with Facebook.
IDG reported “Facebook is fixing a Web programming bug that could have allowed hackers to alter profile pages or make restricted information public.
The flaw was discovered last week and reported to Facebook by M.J. Keith, a senior security analyst with security firm Alert Logic. Read more
Security as a Service (SaaS) Model?
For clients who have limit capital expense budgets, we’ve created a suite of services to help clients meet the challenge of limited budget and need to maximum security solution benefit. With services in log management, threat management, file integrity management, vulnerability management, wireless devices security management and 24/7 monitoring, we’ve effectively resolved eight of the most challenging Payment Card Industry (PCI) requirements.
Instead of spending several hundred thousand dollars and even more in additional personnel, and equipment rack space among other things to launch these products yourself, why not consider our SaaS model where for just a few thousand dollars per month, you get the benefits of a latest technology, reduced work for your personnel, and greatly improved security operations server.
In traditional outsourcing models, the customer gives up visibility and control to their inner operations. Not in our model! You can have as much access, full control, and visibility to everything that our Security Operations Center sees. We’ll just handle it around the clock!
