SafeNet Trusted Access is an access management service that combines the convenience of single sign-on with granular access security. By validating identities, enforcing access policies and applying smart single sign-on, organizations can ensure secure, convenient access to numerous cloud applications from one easy-to-navigate console.
Offering fast and easy set-up, SafeNet Trusted Access simplifies cloud adoption with a single pane view for centrally defining and enforcing access controls throughout your cloud estate. SafeNet Trusted Access enables increased visibility and compliance, while offering scalability through simplified workflows delivered from the cloud.
By applying pre-defined access and authentication controls, SafeNet Trusted Access removes complexity and frustration for end-users, allowing them to use a single enterprise identity to access all their cloud apps.
SafeNet Trusted Access offers four core capabilities:
- Scenario-based Access Policies - Fine-grained access policies define which users can access which applications, using which authentication methods. Access policies can be defined flexibly per app(s) and user groups(s), addressing functional business needs (e.g. policy for VPN, specific portals and apps, etc.) and compliance needs (e.g. PCI DSS, NERC, CJIS, PSN). For example, a time management application may require minimal access controls, whereas the corporate VPN requires a more stringent access policy.
- Robust Authentication - Context-based authentication enhances user convenience by assessing contextual parameters to determine whether a login attempt is secure. When a login attempt is considered secure, the user is granted immediate access. When it is not considered secure, an additional authentication factor may be required. Contextual parameters may include such details such as a user’s network, location and OS.
- Smart Single Sign-On - Smart Single Sign-On lets users log in to all their cloud applications with a single identity, eliminating password fatigue, frustration, password resets and downtime.
- Users log in to all their cloud apps using their current enterprise identity (e.g. firstname.lastname@example.org) – the same identity they use to log in to the network in the morning or the VPN at night. Depending on the access policies defined, users may authenticate just once in order to concurrently gain access to all their cloud applications. For applications that require stronger access controls, they can be required to elevate trust with an additional authentication factor.
- Data-driven insights - Enabling organizations to fine-tune access policies over time, STA provides pass/fail authentication stats per application, per policy and per time period (e.g. day, week etc.) Information such as originating IP address provides increased visibility into the source of each access attempt, while the reason for failed or denied access attempts provides information that is instrumental in helpdesk support inquiries and security or compliance audits.
SafeNet Trusted Access works as follows:
- Validates a user’s identity
- Assesses which access policy should be applied – taking into account the application being accessed, the user’s role and contextual authentication requirements
- Applies appropriate access controls per policy with smart single sign on – based on previous authentications in the same single sign-on session, with step-up authentication applied only when called for by the policy.
- Combines intuitive cloud access management with strong authentication delivered from the cloud
- Offers a broad selection of step-up authentication methods and form factors, including hardware tokens, software tokens, push authentication, pattern-based authentication and out-of-band via SMS
- Fine-grained access policies are designed specifically for enterprise use cases, including secure access by employees and business partners.