Device Trust: Establish the Root of Trust Before SSO.
Mobile. Desktop. Laptop. Server.
What is Device Trust?
Device trust is the process of verifying that a device is secure before allowing it to connect to a network or access resources. It involves:
- Verifying that the device is known, secure, and uncompromised
- Assessing the device’s health
- Enforcing application-specific security policies to authorize access
- Creating an access policy against the context of user identity, device trust, and resource sensitivity
Organizations assume their devices are secured by their SSO provider. Such assumptions create a critical device vulnerability that hackers often exploit. With SecureAuth, every mobile phone, desktop, laptop, and server is secured.
Why Device Trust is Critical to Identity Security
The Federal Government mandates that all its agencies have at least 1 device-level signal alongside identity information about the user. Such mandates will soon be adopted for all verticals.
With SecureAuth Device Trust, you exceed this mandate, because we detect signals from both the workstation and the mobile device throughout the user journey, including post-authorization.
SecureAuth Device Trust not only secures the device and provides a root of trust; it is also the credential provider.
How Does Authentication Security Work Without Mobile Phones?
For enterprises that don't want to use personal phones for authentication security, we ask you: Are you willing to sacrifice your company brand and security, and to incur financial losses? Most often, the answer is no, and you may want to mandate the use of personal phones. If you are using passkeys, mobile phones are also a requirement.
SecureAuth can also offer mobile phones for corporate use.
If mobile phones are still a hard no, then there are other MFA methods to use for a device signal, like YubiKeys. SecureAuth can support many authentication factors based on the customer’s needs.
Non-Persistent VDI Use Case
VDIs pose heightened security risks as one user can accidentally download malware that can infect the entire network. To mitigate such risks, many organizations demand non-persistent VDIs.
All VDIs are wiped (i.e., deleted and re-created from a golden image) on a routine basis, while users retain the ability to log in without friction, like any other day. No mobile devices are needed (after the initial pairing).
The initial pairing includes each user downloading the SecureAuth Mobile app so every authentication instance is tracked by user with the appropriate risk score. No MFA prompt is needed if the risk score is within a secure range (as defined by the organization).
Security Starts with Devices.
Make Them a Priority.
Detect Threats Across All Endpoints
Identify risky devices to safeguard the enterprise by applying Zero Trust policies. Get a centralized view into all device authentication attempts and receive alerts to any suspicious activity. SecureAuth Device Trust strengthens your security posture against hackers.
Get Compliant for Cyber Insurance and ZTA
Streamline remote audit logs and control of user access to meet the latest compliance requirements.
Realize significant cost savings from implementing a risk-based continuous authentication solution.