As you know, web apps whether on-premises or in the cloud are woefully in adequate when only protected by user name and password. Besides easy-to-guess passwords you also have to worry about insecure password reset procedures and compromised endpoints where bad guys can steal passwords by simply logging keystrokes of the user.
There's a wide array of additional security measures being taken by different cloud providers, security vendors and web developers ranging from:
- 2-step verification
- SMS text messages
- Automated phone calls
- IP address checks
- Tokens
- Authenticator apps
- Email verification
In this real training for free ™ I will show you how more and more companies are dynamically adjusting security controls on the fly through real-time security analytics. This is really important as people are more mobile and bringing their own devices to work even as data breaches multiply. We have to step up our game with tighter controls, better monitoring and stronger authentication. But at the same time, business still needs to get done. If you can only implement one static security policy at a time, you are either going to be too lax or too strict. Either security or productivity will suffer. Traditionally it's been a simple matter of choosing a balance between the 2 extremes and hoping for the best.
But now you can analyze all available security variables each time a user attempts access and dynamically adjust to the level of risk or unusual indicators detected. Tighten restrictions and require more security when appropriate or relax things when all checks come up green.
Here's an example of what I'm talking about: Let's say you normally see John logon from an IP address from within the US but this time he shows up as coming in from China. So, this time when John attempts to logon you ask for additional authentication such as an OTP from a mobile device authenticator app or SMS text message. Or let's say that within the space of just an hour John has attempted to logon from 2 different continents and the latest attempt is from an unrecognized device. Perhaps you decide at that point not to allow access at all.
Dell Software has graciously agreed to sponsor this webinar and Joe Campbell will briefly show you how their latest version of Cloud Access Manager adds adaptive security to their already compelling combination of single-signon access to both internal and cloud based web applications.
Join me for this real training for free ™ event. Please register now!