Idaptive, a company dedicated to identity-as-a-service (IDaaS) solutions, has introduced an intelligent identity solution that verifies and validates people, devices and services. The Next-Gen Access Cloud uses a zero-trust approach, combining single sign-on (SSO), multifactor authentication (MFA), endpoint and mobile context, and user behavior analytics into one solution.
While other solutions offer SSO and/or MFA, this is the first solution to bundle all of these capabilities. With all of these functions working together, organizations can experience faster logins, as well as better security against hacks and breaches, according to CEO Danny Kibel.
“When it comes to identity, there are the table stakes of ‘verifying and validating’ that all companies must do across users, devices and services,” Kibel said. “It gets more interesting when the solution becomes smart, learning from and adapting to new risk factors to more intelligently inform future decisions about access.”
What Kibel is talking about is how the solution uses machine learning to continually learn from and adapt to millions of daily logins and access attempts that occur across devices, apps and services, converting raw access data into actionable intelligence. For example, Idaptive can tell when a person who usually accesses an app from New York tries to log in from Nevada, or when someone tries to get access from a known device, but at an unusual time. When something like this occurs, the platform automatically prompts the user for an added layer of authentication.
The way Idaptive incorporates analytics is, in a way, Idaptive’s secret ingredient, said Garrett Bekker, a principal analyst at 451 Research.
“One of the shortcomings of most IDaaS offerings is they are binary--they give either a ‘yes’ or ‘no’ response to an access request, but they are blind to whatever the user does after that point in time,” he explained. “Adding analytics to observe behavior post-log-in can help move to a more continuous offering, and also help detect things like stolen credentials or man-in-the-middle attacks.”
Other important features of Next-Gen Access Cloud include scoring user access risk across Idaptive’s global dataset to help prevent breaches, automatically creating individual user profiles based on login context and risk, and accommodating a vast number of applications, services and data located on premise, on devices and in the cloud.
There are many ways companies can use Next-Gen Access Cloud. These include onboarding new employees, migrating existing employees to new roles, and securing critical customer and partner endpoints across global supply chains. The company also is working on creating developer tools so IT professionals can build better experiences around identity and access for their companies.