Identity-as-a-Service function Application-Level 2FA

Written by Rajat Bhargava on February 17, 2017

Share This Article

Identity theft is one of the most critical issues that IT admins are facing. More companies than ever are being breached. And those breaches are causing significant damage. Generally, the source of those breaches is identities being hijacked and leveraged for malicious purposes.

There are ways that IT admins can combat this issue. The new Identity-as-a-Service function for application-level 2FA (two-factor authentication) can help reduce the risk of an identity compromise.

Looking Back at IAM

Identity-as-a-Service has become one of the hottest segments in the identity and access management sector. Originally, IAM technologies were all on-prem. The core of an IAM strategy used to be Microsoft Active Directory®. Since a network was largely Microsoft Windows based and on-prem, it made a lot of sense to be tied to AD.

A large number of add-on tools were created for Active Directory as well. Some of these tools helped manage web applications. Over time, these web application single sign-on solutions moved to the cloud. They started calling themselves Identity-as-a-Service (or IDaaS for short).

Evolution and Categorization of Identity-as-a-Service

They were closely aligned with AD, but their part of the IAM puzzle was delivered from the cloud. But then a funny thing happened. The world started to shift away from Microsoft and being on-prem. Mixed-platform environments were a reality with the massive growth of macOS and Linux systems. Cloud infrastructure, for example, AWS and Google Cloud were the modern-day equivalent to on-prem data centers. Web applications were being used by every facet of the organization.

The IT landscape was vastly different from when the term IDaaS was created.

Categories of IAM today

The pyramid above shows the categories of today’s Identity and Access Management market. As you can see, the foundation is the directory and MFA (multi-factor authentication, but also known as 2FA) is at the top. What we’ve found is that as organization’s modernize, it becomes increasingly important for them to manage their identities from the top to the bottom of this pyramid.

Growing Demand for Application-Level 2FA

IT admins aren’t standing still on IAM. That’s a recipe for their identities to be compromised.

IT has demanded cloud identity management solutions for better identity security and management. The market has answered. The modern incarnation of Identity-as-a-Service emerged and is called Directory-as-a-Service®. Among other functionality, this platform offers centralized user management, hosted LDAP, cloud RADIUS, device management, True Single Sign-On, event logging, and multi-factor authentication. As part of this IDaaS approach, application-level MFA was a critical component.

As users logged into the portal to access their applications, IT admins could require a two-factor token to be input. This dramatically stepped up security for the organization. In order to access their applications, users needed to not only know their username and password, but they also had to enter a token generated on their smartphone. Now, they needed to have something that they knew (their password) as well as something that they had (their smartphone). Multi-factor authentication reduces the chances of an identity breach. Directory-as-a-Service, a modern Identity-as-a-Service solution, provides application level 2FA as part of its core functionality.

Learn More about Directory-as-a-Service

If you would like to learn more about how the Identity-as-a-Service function for application-level 2FA works, drop us a note. Also, feel free to give it a try for yourself. Sign up for a free account now. Your first 10 users are free forever.

Continue Learning with our Newsletter