SecureAuth

Solution Brief

SecureAuth & Netskope

Protecting sensitive data across the cloud

The Challenge

A more flexible workforce means an increased adoption of cloud services and while this makes it quicker and easier for your workforce to do their job, it also increases your organization’s exposure to potential risks.

Most organizations feel that two-factor authentication (2FA) is a great first step towards better identity and access security, especially when managing cloud services. However, as the last few years have shown, it’s not enough:

  1. Knowledge-based Q&A can easily be social engineered.
  2. Hard tokens have been compromised in the past.
  3. popular push notifications have been routinely falsely accepted.
  4. One-time passcodes, delivered via SMS/text, can be spoofed.

It’s clear a more robust cloud IAM solution is needed that allows organizations to decrease risk while providing a safer, easier user experience.

Gartner reports that about $133.7 billion was spent on security in 2020 – but less than 10% was spent on identity security
Verizon DBIR report for 2020 confirms that over 80% of data breaches involved the use of weak or stolen credentials
In 2020 the volume of records compromised by data breaches jumped by 141% to 37 billion, reports RBS
Ponemon Institute reports that the average cost of data breach is $4.24 million per incident in 2020

The Solution

Together with the cloud-native SWG+CASB+DLP solution from Netskope, SecureAuth offers multiple pre-authentication risk checks that provide unparalleled visibility into real-time data and threat protection when accessing cloud services, websites, and private apps from anywhere, on any device. This adaptive/risk-based authentication runs behind the scenes for seamless access and ensures you can easily identify legitimate access while denying attackers.

Netskope Next Gen Secure Web Gateway understands the cloud and takes a data-centric approach that empowers security teams with the right balance of protection and speed they need to secure their digital transformation journey.

Solution Highlights

Complete identity protection

  • Move to passwordless login with 25+ MFA methods
  • Roll out the industry’s most pre-authentication risk checks

Fast passwordless login

  • Empower users to go passwordless with high identity confidence
  • Reduce login time further with SSO
  • Tailor the authentication process for different users and resources

Clever self-service

  • Improve productivity and reduce helpdesk costs/burden with self-service
  • Provide multiple ways for secure password reset

Granular cloud access control

  • Set conditional, granular policies that dictate employee access to both sanctioned and unsanctioned cloud services, based on contextual data

Security Benefits of SecureAuth + Netskope

Multi-layer protection

Adaptive authentication is the best defense against hackers that doesn’t inhibit the daily routine of users. SecureAuth combines its own threat data with internal and external feeds to detect and block threats in real-time.

Built-in adaptive auth

SecureAuth adaptive authentication lets users sign-in with passwordless login, require MFA for medium risk, and simply deny or redirect for high risk logins.

Simple login with SSO/PAM

SecureAuth’s integration with Netskope enables users to use their SSO credentials. You can also secure Administrator access to your Netskope tenant by ensuring that only privileged users with trusted identities can make changes.

SecureAuth Netskope Flowchart
  1. When user attempts to access cloud service, Netskope intercepts the request and redirects user to SecureAuth for authentication.
  2. SecureAuth performs a comprehensive evaluation of the login, including input from internal and external risk services.
  3. Once authenticated, user is redirected back to the Netskope CASB solution.
  4. Netskope applies security policies, access controls, DLP, and/or threat protection set over the target cloud service usage.

The combination of SecureAuth and Netskope

Cloud services discovery and onboarding: Find all cloud services across SaaS, IaaS, and PaaS in use with Netskope and assess enterprise-readiness of each service. Onboard the popular and IT-approved ones with SecureAuth IdP to manage cloud identity and security

Adaptive Authentication: Customize the end-user authentication workflow based on risk: allow access for low-risk requests without MFA prompts; require MFA for medium risk, and deny or redirect for high risk to deliver the most user- friendly authentication experience.

Granular security policies, access controls, and cloud DLP: Once users sign into SecureAuth for sanctioned cloud service access, Netskope governs the usage of those services. Automatically detect and prompt a streamlined workflow to install the Netskope app onto devices once logged in through SecureAuth. This ensures full visibility and security of unsanctioned cloud usage as well, beyond sanctioned services.

Cloud threat and malware protection: Protect employees from cloud threats like malware and ransomware with real-time scanning of uploads and downloads to cloud services, integrated with automated remediation. Secure accounts with additional capabilities like anomaly and compromised credentials detection.

Comprehensive Reporting: Report on all cloud usage for visibility and compliance. Run reports in real-time to audit organizational cloud usage and risk

Resources

Netskope and SecureAuth Solution Brief
Netskope Technology Partners for SSO/IDM

Pin It on Pinterest