What is IDaaS?
Identity-as-a-Service (IDaaS) providers such as Okta, OneLogin, and Centrify offer single sign-on authentication solutions that give users access to all applications at once through a centralized login point. On top of that, they allow organizations to implement multi-factor authentication and assign policies, roles and permissions by profile. The benefits are clear: they save time, enhance productivity, and more. But IDaaS can be a risky business, too.
Why are CISOs So Focused on IDaaS Security?
CloudLock research has shown that cloud cybersecurity risk is highly concentrated among a small subset of users. In fact, 1% of users introduce 75% of the overall risk and are responsible for 62% of app installations. While IDaaS platforms increase ease of access for approved users, if privileged credentials fall into the wrong hands, or there’s a connection to a malicious app, the results can be catastrophic.
By the end of 2015, spending in the IDaaS market is set to have increased by 150% from last year. As IDaaS adoption increases, and users are connecting with ease to potentially thousands of apps at once, it’s crucial to keep a watchful eye on who’s passing through your IDaaS platform.
In this space, security is essentially a shared responsibility model. While IDaaS providers offer security capabilities around login behaviors, it’s crucial to identify behavior patterns that extend across platforms both at login and post-login to detect suspicious activity and session hijacking. Correlating that information across disparate systems is the only way to achieve heightened security intelligence.
Security for IDaaS
As you consider adding a CASB or other cloud security solution to your arsenal, your IDaaS platform must be accounted for. Look for protection around three main areas:
- Compromised Accounts – You’d be doing yourself a disservice by looking only at who logged into your IDaaS platform and when. It’s crucial to look beyond this initial activity. Once a user logs in, what behavior are they exhibiting across your SaaS, IaaS, and PaaS platforms? Is any of it suspicious?
You’ll need to be alerted to any behavior that could indicate a threat, particularly events that seem innocuous in isolation but gain depth and meaning when examined in context. A simple example: if a user initially logs into your IDaaS platform from New York, and then those same credentials are used to manipulate files within a SaaS environment like Google Drive from Sydney minutes later, you’ll want to be notified immediately and take action.
- Cloud Malware – Can you tell which apps are capable of accessing, modifying, and externalizing corporate data in your organization’s cloud environment? Cloud malware attacks can originate from apps that are malicious by design, or even trusted apps that are breached. With IDaaS platforms’ inherent extensibility, it’s important to be able to combat apps that may pose threats to your data security. Combining the connections of an IDaaS solution with the post-login intelligence from a CASB offers a powerful joint solution to defend against cloud malware.
If a user authorizes a dangerous app with their IDaaS credentials, whether maliciously or accidentally, they could easily open your organization to a major attack. IDaaS security solutions should allow you to monitor cloud applications and enable you to revoke access across all platforms and identities when needed.
- Security Operations and Forensics – The security functionality native to your IDaaS provider will likely give you great insight into user activities within the IDaaS platform itself. But, if you’re dealing with a security breach, or even just investigating daily security incidents, you’ll want a granular view and analysis of who did what and when across all cloud platforms, and an easy way to incorporate it into your organization’s operations.
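The New York and Sydney scenario from the Compromised Accounts item can be expressed as an "impossible travel" check that correlates IDaaS logins with post-login SaaS activity. The following is an added example, not code from CloudLock or any IDaaS provider; the event field names, the speed ceiling, and the minimum-distance threshold are assumptions, and it presumes each event's source IP has already been geolocated to a latitude and longitude.

```python
from datetime import datetime
from math import radians, sin, cos, asin, sqrt

MAX_KMH = 900.0  # assumed ceiling: roughly airliner cruise speed
MIN_KM = 50.0    # assumed floor: ignore small jumps caused by IP geolocation noise

# Constructed sample events (hypothetical schema): IDaaS logins plus SaaS activity.
EVENTS = [
    {"user": "alice", "source": "idaas", "action": "login",
     "time": "2015-06-01T14:00:00", "lat": 40.71, "lon": -74.01},   # New York
    {"user": "alice", "source": "gdrive", "action": "file.modify",
     "time": "2015-06-01T14:07:00", "lat": -33.87, "lon": 151.21},  # Sydney
    {"user": "bob", "source": "idaas", "action": "login",
     "time": "2015-06-01T09:00:00", "lat": 40.71, "lon": -74.01},
    {"user": "bob", "source": "gdrive", "action": "file.view",
     "time": "2015-06-01T09:30:00", "lat": 40.73, "lon": -73.99},
]

def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points in kilometres."""
    lat1, lon1, lat2, lon2 = map(radians, (lat1, lon1, lat2, lon2))
    a = sin((lat2 - lat1) / 2) ** 2 + cos(lat1) * cos(lat2) * sin((lon2 - lon1) / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(a))

def impossible_travel(events, max_kmh=MAX_KMH):
    """Compare each user's consecutive events across all sources and
    return an alert when the implied travel speed exceeds max_kmh."""
    alerts, last = [], {}
    for ev in sorted(events, key=lambda e: e["time"]):
        prev = last.get(ev["user"])
        last[ev["user"]] = ev
        if prev is None:
            continue
        hours = (datetime.fromisoformat(ev["time"])
                 - datetime.fromisoformat(prev["time"])).total_seconds() / 3600
        km = haversine_km(prev["lat"], prev["lon"], ev["lat"], ev["lon"])
        # Simultaneous events far apart are also impossible; avoid dividing by zero.
        if km > MIN_KM and (hours == 0 or km / hours > max_kmh):
            alerts.append({"user": ev["user"], "from": prev["source"],
                           "to": ev["source"], "km": round(km), "minutes": round(hours * 60)})
    return alerts

if __name__ == "__main__":
    for alert in impossible_travel(EVENTS):
        print(alert)
```

Because the comparison runs over the merged timeline rather than per platform, the IDaaS login and the Google Drive change are evaluated as a pair, which is the cross-system correlation the item describes. VPN and proxy egress points will trigger the same rule, so alerts need an allowlist or a second signal before automated action.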
Think You Have This Under Control?
Cloudlock, the leading Cloud Cybersecurity-as-a-Service company, partners with leading IDaaS companies and offers integrated solutions to bring you the best of both worlds.
Find out if you have anything to worry about – Get a Free Assessment to uncover cybersecurity risk across your entire cloud environment (IDaaS, SaaS, PaaS, and IaaS):
- Expose potential compromised accounts, cloud malware, or data security violations
- Validate adherence with internal or industry-governed regulations – PCI, HIPAA, FERPA, and more
- Receive a business analysis, mapping findings to your organizational goals