Eliminating Security Gaps: Connected Security Alliance – Part II

Mike Desai
October 04, 2016

Get the latest from the SecureAuth Blog

A few days ago we talked about Connected Security Alliance – our revolutionary new endeavor that tackles the data breach problem from a new perspective. We explained why it was so necessary; namely, that we’re at a juncture where threats are getting more sophisticated and insidious. It’s becoming increasingly complex and arduous for security teams to protect their network.

SecureAuth is the only cybersecurity company that’s bridging the gap between IAM and Security. We believe security should be strong and simple and seamless. We also believe it should be more collaborative, which is why today we’re going to talk about the industry leaders who are partnering with us in this Alliance – and how together, we’re much more than the sum of our best-of- breed parts.

We’ll be announcing more partners in the future, but here are the ones we’re starting with.

SailPoint IdentityIQ. They calculate and assign a dynamic identity risk score based on tools that analyze entitlements, certifications and applications; this enhanced user context works with our authentication workflow to assign a risk score and to determine whether to allow or deny access – or step-up with multi-factor authentication. Not only does this add another layer of protection, admins are able to apply unique authentication requirements based on the application the user is trying to access.

CyberArk. This privileged account security integrates with our adaptive and multi-factor authentication to make sure only authorized users can access their privileged accounts – and that they can do so with minimal disruption or friction. Adaptive access control and authentication workflows that vary by situation or environment mean users get centralized, secure access to resources.

Exabeam. After this UEBA solution assigns a dynamic risk score based on user behavior, SecureAuth IdP leverages that score – and behavioral analytics – to apply authentication rules through adaptive authentication. Any risky or abnormal behavior on the user’s part will invite additional verification steps or blocked access. Those logs are then analyzed for future use in calculating risk scores.

The Connected Security Alliance in Action

So what do all these great tools look like when working in tandem? Let’s put it this way: while SecureAuth and these other best-of- breed solutions all offer strong security on their own, by linking up in a collaborative partnership, they become almost unstoppable.

That’s because Connected Security Alliance offers a framework of out-of- the-box integrations that address the entire attack lifecycle. As we said earlier, it’s the white spaces between solutions where criminals are exploiting vulnerabilities and penetrating networks. The Alliance closes those gaps with interoperable tools that can evaluate risk and find evidence of a potential or actual breach – radically shrinking the possibility of undetected criminals in your network and limiting damage. By leveraging identity context to strengthen perimeter security, these solutions protect your data even when bad actors have stolen valid credentials.

You might be thinking that this strength probably comes at a cost – namely, by imposing burdensome steps and requirements on the user. In fact, the Connected Security Alliance offers a smooth and convenient user experience. Two-factor authentication is partnered with adaptive tools that consider contextual factors such as geo-location, geo-velocity and IP reputation data; real-time global threat intelligence; behavioral biometrics; authorization features that inspect and validate the user’s identity and group memberships against the data store. Device recognition can register a device’s unique characteristics – such as HTTP headers, time zone or browser plug-ins – for any successfully authenticated user, then compare that fingerprint to future authentication attempts. All of these tools help users access resources and applications without perceiving the authentication process.

So yes, the Connected Security Alliance provides strong security and user convenience. And in the end, the benefits go well beyond stopping or identifying attacks. In our fast-paced world, users need to focus on getting business done – accessing email, completing workflows, logging in to resolve a problem or check on a project wherever they are and whenever they need to. They don’t have time to grapple with cumbersome extra security steps or deal with lost productivity. Advanced security solutions like Connected Security Alliance help them stay focused on their core mission. The same applies to IT teams, who’d like to spend their time and resources innovating to offer greater value to their business partners – not managing multiple disconnected solutions.

As we said, we’ll be announcing new partners and more best-of- breed integrations in the future. Keep tuning in to find out what’s new on the Connected Security Alliance front. In the meantime, make sure you join us on October 19 for our webinar with 451 Research. You’ll get to see the Connected Security Alliance in action.

Related Stories

Pin It on Pinterest

Share This