As cloud-based collaboration and file sharing rapidly grow, you need assurance that users accessing the SaaS applications where sensitive or critical data is being stored are whom they say they are. CipherCloud Adaptive Access Control (AAC) provides advanced account protection, with the ability to identify unauthorized access.
Integration with Enterprise MDM platforms provides the ability for the CipherCloud CASB+ to enforce device-level access restriction on all Cloud Applications. Sophisticated policies can be defined to enforce user login location restrictions, device type restrictions including managed or unmanaged devices, the device Operating System and the device type. The combined capabilities can ensure that access is only granted when all restrictions are met, providing further protection from unauthorized access with compromised accounts.
The CipherCloud CASB+ platform integrates with enterprise Identity and Access Management (IAM) systems including Okta and others, allowing you to extend existing enterprise access policies to all of your cloud applications. CipherCloud makes efficient use of existing user profiles, simplifying the user access experience while enforcing strong authentication requirements.
CipherCloud makes it easy to create context-aware policies based on who, what, where and why and automatically take appropriate actions to prevent data loss. Actions can include block, quarantine, redirect, notify, self-remediation, block sharing (internal or external) and selective encryption.
One of the advantages of cloud-based applications is the ability to access them anywhere, at any time. However, controlling the locations that users can access these applications can be a critical requirement for many reasons. One common reason is local privacy laws and compliance requirements that often require location access restriction of sensitive or Personally Identifiable Information (PII) stored within these applications. The CipherCloud platform simplifies these requirements by allowing policies to be created on where users can access specific applications or data types. In addition, you can restrict access from locations that are not associated with your organization, or areas known for hostile cybercriminal activity.
CipherCloud can identify when cloud accounts are being accessed by multiple users at the same time in multiple locations. The CASB+ platform tracks the location of each users cloud authentication process and maps the location they are accessing from. Built-in account protection capabilities detect when an account is being used in multiple locations at the same time. What sets CipherCloud apart is not only the ability to detect this type of unauthorized activity but the ability to detect it across different cloud applications.
CipherCloud elevates the authentication security controls to new levels with dynamic remediation even after a user has successfully authenticated. Typically authentication processes verify users access when they complete the required responses – often including username, password and some form of second-factor authentication, which are all strong security controls. However, once a user has been authenticated, the authentication process is complete. The CipherCloud CASB+ platform not only provides additional context to the authentication process (see above), but it will monitor the user’s activity within the applications, and if a policy violation occurs, a remediation action can be invoked. This can include actively logging the user off, protecting content and many other actions. These additional remediation protection features ensure user accounts are not compromised or being used by malicious insiders.