Identity & Access Management

Identity & Access Management

Anti-virus-78

Security has traditionally been very heavily reliant on identity in the past, principally username and password.  But, as technology has moved forward, username and password are too easy to crack.  If your security relies on username and password alone, whether this is for local applications, email or cloud-based applications, you are a prime target for hackers.

The hackers of today are equipped with a much more robust toolset than in the past.  Password crackers, brute force attacks and one of the currently preferred methods, phishing attacks, make it easy for bad actors to compromise the integrity of your organization.

That’s why Total Access Control can use much more than simple username and password. But equally important, these methods can be done transparently to the user, so it will not impact the simplicity of the sign in process and the one-click access to resources that TAC provides.

TAC has a very robust suite of supported authentication products such as:

Active Directory

Radius

OKTA

ADFS

LDAP

SAML

And Much More...

Multifactor Authentication

TAC also provides the ability to use Multi-factor Authentication.  In fact, our SafeLogin® technology is included as part of TAC.  But we also support most multi-factor authentication products such as:

RSA SecurID

Safenet

Swivel

Biometrics

RSA SecurID

Safenet

Swivel

Biometrics

However, TAC goes much further than simple multifactor authentication.

Context of Access

TAC utilizes Context of Access to help determine which resources are available and which resources are not.

Context of Access is very important today because security is not just username and password anymore, it must be stronger.

You need to take into account the way in which someone is accessing, where are they coming in from (trusted or untrusted location), what type of device are they using and what’s the status of that device.

By using the Context of Access, TAC can provide many factors of authentication and give your organization a much stronger security posture and prevent or limit access from untrusted scenarios.

And these can all be done transparently so that the end user does not need to provide anything more than their logon credentials and perhaps multi-factor authentication if it is being used.

Context of Access can include many different ways to validate and verify a user’s request for access:

Device Type

Device Operating System

Operating System Version/Patch Level

Running a Current AntiVirus?

Registry Entries

Certificate

Domain Joined Status

Jailbreak/Rooted Device Check

Mobile Device PIN Requirement

Many More Ways to Customize

Device Validation

TAC has the capability of validating a user’s device.  When device validation is turned on, a user’s device is bound to that user’s account.  The device must be approved for use by an administrator before that user can get access.  Once approved, the user must have both their valid credentials and the approved hardware device before any access will be allowed.  This provides a much stronger way to control access to information and to protect the organization.

It’s also easy to revoke the privilege of a particular hardware device.  Say, for example, a user loses their mobile phone, but still has their tablet and laptop.  Just the mobile phone can be blocked.  It can also be wiped (full or partial) to protect the information on the device.  If the device is found again, it can just as easily be unwiped and the user can begin using it again right away.

validation

Phishing Protection

One of the biggest issues currently facing organizations is Phishing attacks.

When using Device Validation you also get other substantial benefits, one being Phishing protection.

For many organization using just username and password, a phishing attack that compromises a user’s credentials is a very serious breach.  Once inside, the hackers will use the breached account to pivot and attack more people and assets within the organization.  Protection from this kind of attack is crucial (and all too commonly missing).

TAC provides protection from phishing attacks by combining multiple factors of authentication which a hacker would not be able to obtain.

As an example, with device validation turned on, the user’s account is bound to a physical hardware device.  Even if a hacker gets the username and password, they would not have the same hardware device, so any attempt to make a connection would be denied.

TAC can use many different factors of authentication to protect you from phishing attacks as well, some of those ways are listed previously but there are many ways you can customize to fit your specific needs.

Did you know?

81% of hacking-related breaches leveraged either stolen and/or weak passwords
2017 Verizon Data Breach Investigations Report

Use of stolen credentials and backdoor/C2 were the most prominent hacking varieties (represented in over half of the breaches), with brute force attacks reporting just under a third. Many of these attacks involved actors using valid partner credentials and backdoors, while a third of them represented desktop sharing as the hacking vector.

* 2017 Verizon Data Breach Investigations Report (10th edition)

laptophook

7.3% of users across multiple data contributors were successfully phished—whether via a link or an opened attachment. That begged the question, “How many users fell victim more than once over the course of a year?” The answer is, in a typical company (with 30 or more employees), about 15% of all unique users who fell victim once, also took the bait a second time. 3% of all unique users clicked more than twice, and finally, less than 1% clicked more than three times.

Explore the Functions of

Introducing Total Access Control (TAC)

Consolidated and intelligent security for today’s hybrid enterprise.

These two forces have always been opposed: Security versus access.

You don’t have to fight these battles any longer.

Total Access Control goes much further than simply verifying user authorizations. It is a proxy-based system that serves as a gatekeeper to the applications behind it.

Security tools must be high performance and simple to administer.

Total Access Control puts a premium on both.

Security is too complicated for end users.  It doesn’t have to be.

EASY TO USE, SECURE, INTELLIGENT ACCESS TO EVERY APPLICATION TYPE – ALL FROM ONE POINT OF ENTRY.

One Vendor, One Platform, The Technologies you need...

All working together, Intelligently.

Questions? Call Us!

We’re here to help. Give us a call and speak
with a security specialist who will answer
any questions you might have.

US +1 781 996 4900
UK +44 208 196 2420

Request a Demo

In 30 minutes, our system engineers will show you how PortSys Total Access Control can help you achieve compliance, protect your data, and increase efficiency, while enhancing the end user experience.

Free Security Assessment

Not sure whether your environment is protected? In 2 easy steps, we’ll help you find risk areas, audit access, and go through your access requirements.