SBN

The Four Pillars of CASB: Identity

4P_Identity

With cloud being so prevalent, it is inefficient for organizations to not consolidate the existing identity and authentication systems used for internal applications. Consequently, employees will no longer need to memorize multiple passwords for the plethora of applications used in-house by utilizing a single sign-on. With the Bitglass admin platform, you can govern how and where employees can access corporate data. With this tool, organizations can block, allow, coach, or provide immediate levels of access to data and applications based on user identity and context. Additionally, organizations can use granular policies that can grant access based on the browser or application, type of device, and location.

 

IAM (Identity access management) is the critical point of access that all users encounter in order to view, download, or upload data to and from the cloud. Organizations can seamlessly integrate Bitglass IAM with their platforms, which enables them to authenticate and verify users via SSO (single sign-on). Therefore, organizations can choose to use Bitglass as their identity provider (IdP), or integrate Bitglass’ CASB with their own native SSO portal – as long as it is SAML 2.0 compliant. 

Implementing an SSO helps organizations directly manage access to sensitive information, which drastically decreases the chance of data leakage. IAM also allows the administrator to manage every account, so that unauthorized users or rogue employees can be locked out of all company systems to prevent insider threats. 

Bitglass also enables organizations to deploy MFA (multi-factor authentication) and step-up authentication to confirm user identity and to investigate suspicious logins. Furthermore, MFA requires an additional token upon login as an additional layer of security. By configuring the session management features, organizations can monitor user activity and force users to reauthenticate in order to prevent unauthorized access. Lastly, Bitglass communicates with the SSO and redirects users from the applications, which removes the need for vanity URLs, device configurations, or any change in the user experience.

To learn about cloud access security brokers (CASBs) and how they can protect your enterprise from data leakage, malware, and more, download the Top CASB Use Cases below.

Top CASB Use Cases


*** This is a Security Bloggers Network syndicated blog from Bitglass Blog authored by Juan Lugo. Read the original post at: https://www.bitglass.com/blog/four-pillars-casb-identity