Sunday, 5 June 2011

Cloud Identity Management

OneLogin enables users to sign in once – to their local area network or OneLogin – and gain one-click access to all their web applications without having to enter a password again. OneLogin integrates with all your company's web applications, in the cloud and behind the firewall, using SAML, OpenID, form-based authentication and proprietary protocols. And you can easily integrate in-house applications too.

A few features of this solution and technology I like include:
  • ability to generate complex passwords for each application to increase security levels for access to web applications. The passwords are complex in format; an example is 3$,{73zLL>hz#j
  • integration with directory services from Microsoft (AD), LDAP, and Google Apps for user name synchronisation and login authentication
  • restriction of access to an IP range, which lets a company allow staff to access the applications only from their office network
  • full reporting on who is using which application
  • easy to roll out a new application by simply placing it on the OneLogin application interface
  • support is provided for a "one-time password" generated by a token; this is installed on my mobile phone from VeriSign. I have set this just for administrators and people that need to access bank accounts; this adds an additional security level similar to what HSBC offer their customers
  • SAML integration for Google Apps and Zoho for full security control of these applications. This means access to Google Apps can be controlled and not used outside of the office; a combination of SAML and IP address settings will achieve this
  • role-based security grouping of application access
  • organisation of applications under tabs
  • user can add their own additional applications
  • US$5 per user per month

Corporate Data Protection from Phishing

Many technical solutions have been proposed to combat phishing, but none of them are foolproof. The only effective ways are educating users about how to detect phishing and eliminating passwords, and this is where identity management tools like OneLogin can help.

If your users only have to remember one password, i.e. to their Single Sign On (SSO) portal, it will be easier for them to detect phishing attempts. Plus, if none of your users have a PayPal password, they can't be tricked into entering it on a fake PayPal login page.

