Context Based Authentication for Workforce Single Sign-On

Passwords alone are not sufficient to protect access to business applications and resources via Single Sign-On systems. ThreatMetrix™ easily integrates with workforce Single Sign-On (SSO) solutions to provide frictionless two-factor, context based authentication – significantly strengthening the system’s security.

Corporate network perimeters have virtually disappeared due to the evolution of Bring Your Own Device (BYOD) and cloud-based applications that provide employee, partner and contractor access. As a result enterprises must identify new approaches for securing access to corporate applications and digital assets. Gartner estimates that by year end 2016, more than 30 percent of enterprises will use contextual authentication for remote workforce access. The integration of ThreatMetrix with single sign on solutions leverages context-based authentication and single sign-on, enabling enterprises to deliver secure, frictionless access to their business applications for all users.

 

workforce-diagram-web

ThreatMetrix Context Based Authentication for Workforce SSO Systems

ThreatMetrix utilizes real-time advanced device profiling and data from the largest shared global trust intelligence network to evaluate the entire context surrounding each authentication. This includes:

  • Device analytics: Composed of uniquely identifying each device, determining its location, association with the user, and ties to criminal activity or hacker rings; detecting the presence of anonymizers, bots or malware; and exposing other anomalies that may indicate hacking or a compromised device.
  • Identity analytics: Pinpointing user association(s) with the company systems and other trusted entities, and reporting any history or affiliation with crime, fraud, or hacking activities.
  • Behavior analytics: Analyzes normal login patterns such as login frequencies, locations, typical access times, login names, and devices used.

This completely transparent authentication system not only evaluates the entire login context, but adds two-factor authentication capabilities by verifying something the user has (one or more known specific devices), and something the user actually is (their Persona ID).

ThreatMetrix SSO Integration Overview

ThreatMetrix can work with any SSO vendor to add context based authentication. The integrated solution works in three distinct steps:

  • When users log into the SSO system, ThreatMetrix – in real time – analyzes the connecting device, associated online personas, transaction context and past behavior
  • The resulting analysis is used by a global policy engine that lets businesses define appropriate risk and trust levels to determine access
  • Based on achieving a predefined level of trust, users are granted access through the SSO system to all their associated applications and online resources

Click here to learn about an example ThreatMetrix SSO integration with Ping Identity.