Assurance of Identity with improved user experience
We teamed up with Atrium Underwriters to help with the identity management element of their cloud / remote access story, find out how we got on.
To stay secure, it’s paramount to understand who is accessing your data and whether they should have access. From here you can consider, what they are accessing, what they are doing with this information and if additional controls are required to safeguard that information. We work with companies at every stage of this journey, if you are looking to improve this or understand more about the process, read on.
Assurance of Identity
Identity and access management (IAM) is the cornerstone to securing your environment. We increasingly hear that ‘the users are the new perimeter’ and although this is true it doesn’t negate the requirement for centralised security controls and risk mitigation. It does however, make assurance of user identity as paramount to cyber security. Huge innovation has been at the heart of IAM for the last few years, harnessing machine learning, biometrics and automation but the core remains the same – can you be sure your user is who they claim to be.
Single Sign On (SSO)
With assurance of identity, single sign on can be used to federate access to additional applications within a user’s work suite of applications. This greatly improves user experience, lowers ‘password reset’ support requests for the helpdesk and, with only one set of credentials to remember, implementation of multifactor authentication, two factor authentication or simply more stringent password specifications to strengthen the access credentials is much simpler.
Privileged Access Management
For maximum access at their fingertips, hackers will typically target high value accounts such as those with administrative, sensitive financial or database access. Privileged access management (PAM) helps to mitigate risk of misuse of those credentials, either by the individual or by a hacker.
PAM refers to a whole range of solutions that safeguard you from unauthorised access, unsanctioned activity and lateral movement. PAM solutions are understandably bespoke, highly dependent on what you are defending and what risks you are focused on mitigating.
Some of the more popular PAM solutions include additional multi-factor authentication for privileged accounts, screen recordings for all highly sensitive access and password vaults for administrator credentials.