Kalleo Technologies

Kalleo Technologies

At Kalleo customer satisfaction is our team's measure of success.

T (270) 908-4136
Email: info@kalleo.net

Kalleo Technologies
401 Kentucky Ave Paducah, KY 42003

Open in Google Maps
"Where Technology Goes for Support"
Call Us: (270) 908-4136
  • Who We Serve
    • Healthcare
    • Transportation
    • Government
    • Technology Providers
  • Services We Offer
    • 24x7x365 Help Desk
    • Network Management Solutions
    • Complete IT Services
    • Professional IT Services
    • Cloud Services
    • Enterprise Mobility Solutions
  • Resource Library
    • Blog
    • Case Studies
  • Testimonials
  • Contact Us
  • Client Support
  • Home
  • Security
  • Identity and Access Management
May 10, 2022

Identity and Access Management

identity access management
Kalleo Technologies
Monday, March 8, 2021 / Published in Security, Security & Privacy

Identity and Access Management

In the past few years, we have seen a significant migration in most industries to a dispersed, work-from-home environment. Fewer employees come into the office, holding virtual meetings instead, yet the pace of business has not slowed.

Simultaneously, more and more business systems are supplied in a Software-as-a-Service (SaaS) model. This fulfillment means the organization pays a subscription fee to access software rather than buying the software and running it on company-owned IT infrastructure.

Employees also have more and more accounts; more usernames and passwords to remember. This shift makes it more difficult for organizations and their employees to control Identity and Access Management.

When an employee is working from home, can they sign-in to their company email from a personal computer? Likewise, what company data can users access from a hotel lobby computer?

If an employee leaves an organization, does anyone have a list of all the employee’s accounts? Can their access to internal systems be quickly disabled?

Do employees have so many different usernames and passwords that they must write down or use the same passwords across multiple services?

Defining Identity and Access Management

Identity and Access Management (IAM) enables organizations to answer these questions positively, so let us first examine Identity.

Identity refers to each employee’s digital identity within an organization; in most cases, this is one or many usernames. An employee likely has some of the following identities:

  • Active Directory account (used to sign-on to their corporate computer)
  • Office 365 account (Outlook, Teams, SharePoint, etc.)
  • Line of business (LOB) applications
    • Salesforce
    • ServiceNow
    • Zoom
    • Electronic medical records (EMR)
    • Accounting systems
    • iOS or Android accounts

Ideally, each employee should have a single corporate identity that uniquely identifies them. But in reality, we all have several accounts that identify us to different parts of an organization. Often, merely remembering all of these accounts is difficult, so how do we know they are secure?

Enter Single Sign-On (SSO). SSO enables each employee to have a single corporate identity, using it to access the corporate network, email, Salesforce, and beyond with only one account.

There is a wide variety of SSO solutions, but Kalleo Technologies recommends Azure AD since Microsoft has already integrated Azure AD in Office 365.

Azure AD SSO enables each employee to have a single corporate identity, one account. The same username and password used to sign-in to their computer can also sign-in to Zoom. When the password is changed, it is changed once for all systems. If an employee leaves the organization, it must only disable a single account.

Now that we have created one master account with access to everything, how do we make sure it is secure?

The answer is Access Management and cloud-based IT systems that allow sign-on from anywhere in the world on any device. This capability has tremendous power – and immense risk too.

Security and Access Management

Good security practice, like well-configured Access Management, is deployed in layers. A password is a form of Access Management in that it restricts access only to those who know the password. Unfortunately, a password by itself is not very secure. If you re-use the same password across multiple services and any of those services get breached, the breach exposes your passwords very often.

The next protection layer in Access Management is Multi-Factor Authentication (MFA), also called Two-Factor Authentication.

When you authenticate (sign-in), you provide your password as the first factor; this is “something you know.” The second factor is a 6-digit code sent to your phone; “something you have.” Combining something you know (password) and something you have (your phone) adds a strong layer of security to your account. Even if a malicious attacker knows your password, they must also have your phone to access your account.

In some cases, organizations may wish to have further access control. MFA provides robust protection from external threats, but what about internal threats? Internal threats can range from malicious insiders trying to steal company data to an employee using a friend’s computer to check their work email.

The next layer of Access Management could be blocking all sign-in attempts based on geographical location. For example, if you do not expect employees to sign-in from Russia, block sign-ins from Russia.  Access control can also be based on device type. With a Mobile Device Management (MDM) solution like Microsoft Intune, an organization could, for example, block sign-in attempts from devices (Laptops, smartphones, etc.) that are not company-owned.

Final Thoughts

Identity and Access Management is all about making sure the right people have the proper access in the right ways.

The specific needs of each organization can vary significantly. Yet almost every organization needs to manage identities and manage the access those accounts have.

If you would like to learn more about how Identity and Access Management can help your organization, please let us know!

Article Written by Greg Sneed / Senior Solutions Engineer / Kalleo Technologies

  • Tweet
Tagged under: scam, security

What you can read next

Healthcare Mobility Webinar
WEBINAR: Risks of Mobile Device Use by Healthcare Organizations
Isometric digital padlock
So, what is Unified Threat Management?
Attention: SCAM Alert!

Featured Posts

  • identity access management

    Identity and Access Management

    0 comments
  • Attention: SCAM Alert!

    0 comments
  • covid 19 plan kalleo

    Mission Ready

    0 comments
  • When is the Right Time to Move to the Cloud?

    0 comments
  • Isometric digital padlock

    So, what is Unified Threat Management?

    0 comments

Categories

  • About Kalleo
  • Business Continuity
  • Case Study
  • Cloud
  • Healthcare Industry
  • IT Leadership
  • Just for Fun
  • Mobile
  • Security
  • Security & Privacy
  • Social Media
  • Solutions for Business
  • Technology
  • Tips and Tricks
  • Transportation Industry
  • Uncategorized

OUR MISSION

We believe in the vision that technology makes people’s lives better. That is only achieved when you have the right technology, you use that technology in the right way, and the technology is working properly. Our mission is to help companies eliminate the burden associated with IT so that they can realize the potential of technology.

EXPLORE OUR SITE

  • Home
  • About Us
  • Careers
  • Healthcare
  • Transportation
  • Government
  • Technology Providers

OUR SERVICES

  • 24x7x365 Help Desk
  • Complete IT Services
  • Cloud Services
  • Enterprise Mobility Solutions

GET IN TOUCH

T (270) 908-4136
Email: info@kalleo.net

Kalleo Technologies
401 Kentucky Ave Paducah, KY 42003

Open in Google Maps

  • GET SOCIAL
Kalleo Technologies

© 2022 Kalleo Technologies. All rights reserved.

TOP