Single Sign-On (SSO) and Identity and Access Management (IAM)…what exactly do all these big scary security related terms have to do with Office 365? Can they really make Office 365 better or do they add just another layer of complexity to an already complex world?
Although SSO and IAM may be confusing at first, they are extremely important tools for increasing security and creating an efficient environment for your employees to work in.
SSO with Office 365
At its most basic, an SSO solution enables the right people to access the right resources for the right reasons at the right time. With SSO, you log into one portal and gain access to an entire ecosystem of other programs (web applications) that normally would require their own individual login.
Azure Active Directory provides SSO for Office 365
As it currently stands, Office 365 utilizes Azure Active Directory authentication to interact with your on-premises Active Directory and your security token server (STS) to provide your users with federated access to their Office 365 cloud apps and only up to 10 other cloud apps (more available with premium accounts). So users sign in to their computers and they automatically get access to Office 365.
Using this federated account system with Office 365 also makes updating passwords easy, as users only have to update their Active Directory login credentials once. And this SSO solution also works with 2 Factor Authentication (2FA) to provide an added level of security.
But what if you need more than just SSO capabilities? What if you want to control what users do within their cloud apps? And what if you need to track that activity and perform audits? Then you need Intermedia AppID® Enterprise.
Go Beyond SSO™ with Intermedia AppID Enterprise
Many SSO solutions exist, but Intermedia AppID Enterprise rises above the rest due to a number of advanced features baked directly into the heart of the application.
Dynamic Password Management for long, strong and unique passwords
Intermedia AppID Enterprise supports virtually all web applications regardless of where they are hosted and which support standards (including SAML) they use. Our dynamic password management feature automates password changes and instantly replaces weaker user-generated values with long, strong and unique passwords for each individual external app. All you need is your AppID password (protected with 2FA, of course) and you’re good to go.
Context-based authentication bring contextual awareness into the authentication process
Context-based authentication balances trust against risk by letting you implement simple policies that allow (or deny) access to web applications based on contextual information - such as user role, group membership, device being used, location (IP address) and geo-location.
Context-based authentication dynamically adapts to context changes to:
- Restrict access to high-risk applications that contain sensitive data to known office locations or to specific IP addresses in the case of remote users
- Limit access to applications to approved or trusted devices
- Require users to authenticate using 2FA to access certain applications
Application Shaping gives control of how employees use web applications
Sometimes it’s not enough just to regulate login access to particular web applications. Sometimes you want to be able to control what employees do inside the web application. A lot of sensitive and confidential data can be accessed through individual web applications, and our patented Application Shaping technology helps you to specifically define access on an individual user basis. You control which screens they see and what functions they can perform, including the ability to copy, download, share and print. This customization of control allows you to grant read-only access when and where you need it and control how users see (or don’t see) sensitive information like bank account data or social security numbers.
Detailed audit trails and compliance reporting give you a complete picture of user activity
If you ever find yourself needing to backtrack and follow your steps, prove your company is compliant with industry standards, legislation or regulations, or even limit the type of sites users have access to, then Intermedia AppID Enterprise has your specific needs covered. Our end-to-end auditing capabilities can be configured to a core set of applications, or extend to all browser activity including unmanaged web applications and other sites. High risk or suspicious activity is automatically highlighted and brought to management’s attention in an effort to keep your business secure from external attack. This auditing data can be focused on a specific user, application or application feature providing you comprehensive and detailed level of control.
Learn more about how Intermedia AppID Enterprise can help simplify and boost your business today!