Adaptive Access Control

Identify and Protect from Unauthorized Account Access

As cloud-based collaboration and file sharing rapidly grow, you need assurance that users accessing the SaaS applications where sensitive or critical data is being stored are whom they say they are. CipherCloud AAC provides advanced account protection, with the ability to identify unauthorized access.

CipherCloud Adaptive Access Control Delivers:

Unauthorized access
from restricted
geographic locations

Multi-cloud protection
across the widest range
of cloud apps

Out-of-the-box
compliance policies for
many global regulations

On-demand scanning
of new files or content
going to the cloud

Historical data scans
to detect sensitive
data already in the cloud

Integration with enterprise
DLP systems to extend
corporate policies to cloud apps

Device Access Protection

Integration with Enterprise MDM platforms provides the ability for the CipherCloud CASB+ to enforce device-level access restriction on all Cloud Applications. Sophisticated policies can be defined to enforce user login location restrictions, device type restrictions including managed or unmanaged devices, the device Operating System and the device type. The combined capabilities can ensure that access is only granted when all restrictions are met, providing further protection from unauthorized access with compromised accounts.

Enterprise Identity and Access Management

The CipherCloud CASB+ platform integrates with enterprise Identity and Access Management (IAM) systems including Okta and others, allowing you to extend existing enterprise access policies to all of your cloud applications. CipherCloud makes efficient use of existing user profiles, simplifying the user access experience while enforcing strong authentication requirements.

Location Protection

CipherCloud makes it easy to create context-aware policies based on who, what, where and why and automatically take appropriate actions to prevent data loss. Actions can include block, quarantine, redirect, notify, self-remediation, block sharing (internal or external) and selective encryption.

On-Demand Scanning of Existing Cloud Data

One of the advantages of cloud-based applications is the ability to access them anywhere, at any time. However, controlling the locations that users can access these applications can be a critical requirement for many reasons. One common reason is local privacy laws and compliance requirements that often require location access restriction of sensitive or Personally Identifiable Information (PII) stored within these applications. The CipherCloud platform simplifies these requirements by allowing policies to be created on where users can access specific applications or data types. In addition, you can restrict access from locations that are not associated with your organization, or areas known for hostile cybercriminal activity.

Time Travel Protection

CipherCloud can identify when cloud accounts are being accessed by multiple users at the same time in multiple locations. The CASB+ platform tracks the location of each users cloud authentication process and maps the location they are accessing from. Built-in account protection capabilities detect when an account is being used in multiple locations at the same time. What sets CipherCloud apart is not only the ability to detect this type of unauthorized activity but the ability to detect it across different cloud applications.

Dynamic Remediation

CipherCloud elevates the authentication security controls to new levels with dynamic remediation even after a user has successfully authenticated. Typically authentication processes verify users access when they complete the required responses – often including username, password and some form of second-factor authentication, which are all strong security controls. However, once a user has been authenticated, the authentication process is complete. The CipherCloud CASB+ platform not only provides additional context to the authentication process (see above), but it will monitor the user’s activity within the applications, and if a policy violation occurs, a remediation action can be invoked. This can include actively logging the user off, protecting content and many other actions. These additional remediation protection features ensure user accounts are not compromised or being used by malicious insiders.

See How CipherCloud Can Help Secure Your Data In The Cloud