Back door access – similar to side door access – is far from a new problem in identity management. Yet I’m astounded by how many companies have virtually no idea what it is, or that they’re vulnerable to it, until it’s too late.
We hear this all the time from customers who find out after the fact that their identity and access management (IAM) solution failed to protect them from security and data breaches because they couldn’t keep ex-employees from continuing to access their applications and data.
Recent research has also shown that 38% of businesses have experienced unauthorized access to their applications. Given the average company uses 25 cloud-based applications, that’s not surprising. IT departments used to be able to purge ex-employees by removing or disabling their accounts in the company’s user store (think Active Directory or LDAP). But now with the proliferation of third party cloud apps like Salesforce and Box in the enterprise, it’s not so simple.
If the problem is so pervasive, is there anything a company can do to prevent it? Enter Identity as a Service from Symplified.
eliminate back door access by centralizing user authentication with single sign-on (SSO) to all of your applications, and directly verifying identities against the right user store. Symplified does this by connecting your applications to existing user stores to use network credentials for login rather than letting people maintain separate logins that are outside of IT’s control. We also perform authentication in real time – only letting current users who have your seal of approval to access your applications.
Some vendors fall down on this because they require their customers to sync and consolidate all of their existing user stores into a cloud environment, and in a batch process – not real time. That gap between sync and verification opens up a window for an ex-employee to log into into Salesforce and pluck your customer list for his new employer.
And older, legacy IAM vendors are great for delivering SSO for internal applications but haven’t adapted to solve for authentication and access control of cloud-based apps.
In sum, don’t panic. Symplified has got your back. Contact us today for a demo.