Being in tech and a self-proclaimed sports junkie, I couldn’t resist writing my blog about my favorite sporting event — March Madness. If you’re like me, you watched the selection show this past weekend and started thinking about your bracket. You said to yourself, I know the perfect bracket is impossible — but one day I’m going to get it right. Depending on who you listen to the odds range from a high of 1 in 128 billion to a low of 1 in 9.2 quintillion (yes, that’s a real number — 9 followed by 18 digits). So, I wasn’t too disappointed when my bracket was busted on day 1. I figured I could win my pool with a perfect Final Four still in tact. And then the nearly impossible happened; a 15 seed (Middle Tennessee State University) beat a 2 seed (Michigan State University). Given that I had picked the Spartans to win it all, I was officially out of my pool a little over 24 hours into the tournament.
Fortunately, moving to the cloud and leveraging SaaS is far simpler than that. What makes SaaS difficult for companies is the proliferation of passwords and loss of control by the organization when line-of-business owners implement these apps. Companies can safely and easily leverage the cloud by adopting a common identity platform. The key to moving to the cloud is to pick a solution that enables you to leverage your existing identity infrastructure and extend it to your cloud applications.
Centrify Identity Service serves as an enabling technology for SaaS by giving control to IT and consolidating and reducing the number of passwords used by each employee. Most modern cloud apps support single sign on using standards, like SAML and OpenID Connect, which use secure tokens instead of usernames and passwords. When these apps are deployed and managed by IT, the user doesn’t have to remember a new set of credentials. In addition to being simpler for the end user, this approach protects the organization from cyberthreats. We know that compromised credentials are the leading point of attack used in data breaches. This problem has been exacerbated by the adoption of SaaS.
Creating distinct and strong passwords for every app is a challenge. Users often resort to poor password hygiene using weak passwords and/or re-using the same password in each account that they create. (The image to the right are the top 25 most commonly used passwords of 2015.) With Centrify Identity Service, users only need to remember one set of credentials, the same credentials that they use to login to their corporate computer. For the non-SSO apps, the service remembers and plays back credentials for the user when they need to access the app. This allows the user to create complex and unique passwords for each app.
In addition, with Centrify Identity Service, the IT Admin can set policies to restrict how, when and where the user accesses their apps. This rich policy engine enables adaptive authentication whereby user access can be blocked, or challenged for multi-factor authentication based on context (e.g. time, location, etc.). These policies can be applied to the service as a whole or on an app-by-app basis. Most importantly, while this adds much needed security to the cloud, this does not compromise the user experience.
So, don’t worry about your busted bracket; nobody gets that right. And, don’t worry about moving to the cloud, Centrify makes SaaS easy!
Click here to read our “best practices brief” on strengthening app security with multi-factor authentication.