Introduction
If your strategy is to use more Microsoft applications and services, it’s time to take a closer look at how you balance secure access with usability, flexibility and efficiency. Using the right authentication and access solution with your Microsoft investment can enhance security, reduce time to deploy and simplify the user experience.
Many security conscious customers select iDENprotect to manage authentication, access and enterprise identity for their applications wherever they may be hosted. Here are six reasons why.
-
True Multi-Factor Authentication and Simple to Use
Many organisations have concerns about accessing remote systems and adopting cloud technologies, especially when it comes to providing simple yet secure access to corporate systems and sensitive data. They are right to be concerned as if it goes wrong the consequences can be severe.
However, they can have confidence in iDENprotect. iDENprotect provides true Multi-Factor authentication (MFA) by using the secure embedded hardware chip that’s isolated on the mobile device, providing an extra and necessary layer of security. This eliminates vulnerabilities that may exist on other so called MFA solutions that would offer little in terms of defence against malware, cloning or application attacks where credentials could be compromised. iDENprotect is perfect for authenticating to cloud applications, on-premises applications and authentication for remote access and VPNs alike, with a user experience that is best in class.
While Microsoft offers a cloud-based solution for MFA with its Microsoft Authenticator app, it isn’t true MFA and has differing user experiences depending on the application being accessed. The Microsoft authenticator also has limitations when it comes to integrating with some non-Microsoft applications, custom applications and legacy applications. Using Microsoft Authenticator on-premise also requires further servers and configurations.
iDENprotect’s true MFA provides the strongest authentication across all applications and has a simple user experience that can be consistent across different applications. iDENprotect can be installed on-premise or can be used as a cloud service. iDENprotect is simply easier to use for both administrators and end users and puts your organisation in control.
-
Defence In-depth Controls
Modern security approaches require a defence in-depth strategy to ensure that the organisation can be properly protected. For many years, security conscious organisations have been implementing perimeter security using two different firewall vendors as a way of providing defence in-depth so that if one firewall was compromised, the other firewall would not face the same issue. Today, using different vendors within a security architecture is still a strong way to provide defence in-depth and supports operational resilience, which is part of many financial service regulations globally.
If an organisation is using Microsoft technology for their servers, computers and applications should they use a Microsoft service to secure and manage access to their organisation? Can they be sure that a vulnerability on a Windows server wouldn’t affect the Microsoft Authenticator that also runs on a Windows server?
An iDENprotect solution provides the necessary airgap required to implement defence in-depth security architecture. Your organisation owns the keys and the processes to manage those keys on mobile devices, while the single sign-on solution is configured to access many applications without needing a password. If there are vulnerabilities with Microsoft technologies, you can be confident that those same vulnerabilities will not affect iDENprotect and you can rely on your secure access being protected by iDENprotect.
-
Simplified Single Sign-On to Countless Applications
Many of today’s organisations use Active Directory to manage their users. Having the ability to enable those users for Single Sign-On (SSO) to both on-premise and cloud applications is the goal. When properly implemented, Single Sign-On removes the user frustration of multiple application-specific usernames and passwords. Single Sign-on drives access consistency, releases productivity gains and improves the security of corporate data.
Microsoft has a number of tools to enable SSO such as Active Directory Federation Services (ADFS), Azure AD Connect, Password Sync, Passthrough authentication, and Microsoft Identity Manager. These tools work well but are complex and take time, while not all applications will work with Microsoft’s SSO tools, especially on-premise applications, various non-Microsoft applications and legacy applications. This means that options can become limited, workarounds become vulnerable or a more complex user experience is delivered.
iDENprotect is different, it is simple to setup and has more flexibility in how it can deliver SSO. Deployment of SSO of applications with iDENprotect is quick and easy to configure and provides a simple user experience.
-
Greater Flexibility to Access Applications
Many businesses choose iDENprotect specifically to protect access to Office 365 from any device. That’s because iDENprotect delivers a step-up in security without any compromise on usability.
As organisations move to put most of their corporate data into the Microsoft basket for many this is a journey from on-premise to cloud. That means that many applications and systems are still being used on-premise, or alternatively some of the corporate data is moving into other cloud services and on-premise installations. Enterprises need solutions that deliver a level of security above and beyond those offered by purely mobile, client-based authentication services. Solutions that can adapt to different technologies, processes and ways of working.
iDENprotect uses modern authentication standards, as well as PKI-backed technologies, that leverage the embedded security in mobile devices to deliver the additional level of security required. All this without compromising usability or impacting on user-productivity and providing the flexibility needed for business and data transformation.
-
Supporting Microsoft and Other Technologies
Whilst we fully support Microsoft products and software, iDENprotect also recognises that many organisations have a complex and varied environment.
If you use Microsoft applications and services then iDENprotect should be your choice for authentication, single sign-on and identity management. We have a strong partnership and broad integration with Microsoft products including Office 365, Windows 10, Azure AD and other well-known Microsoft products. However, iDENprotect also works wonderfully with other technology vendors, as our vendor agnostic technology makes it easy to roll out thousands of cloud applications and services – as well as Microsoft products.
-
Buy “best of breed”
Microsoft’s authentication solutions are designed to increase your level of comfort in investing further in other Microsoft solutions. Authentication is only a small part of what Microsoft creates and provides, therefore it is a small focus for them.
At iDENprotect, Authentication and Access Management is what we do, rather than a bolt-on feature to our main business. We are constantly looking to improve our security, usability and applicability. We will work with you to meet your evolving authentication requirements and create the user experience you want for your organisation.
