Traditionally, companies dealt with cloud security by instituting and enforcing strict firewall policies to protect their data. This has become particularly hard to do with the increased use of cloud based services and the ability of staff to access these services outside the business network using smartphones and laptops on public wifi.
An increasing problem for businesses that use a host of cloud based services is ensuring staff use these services securely. Often the process set out by businesses to access these services can be time consuming and confusing with multiple login details for different cloud applications. Further, when an employee leaves the business they take these access information with them which poses a security risk.
To address these security issues, a new market has emerged in the form of Cloud Access Security Brokers. CASBs bridge the gap between users and cloud services by offering a lightweight SaaS (Software as a Service) service that monitors user activity in cloud-based apps, even if they’re being accessed from outside the corporate network.
Cloud Access Controls (CACs) is an essential way to ensure that business proprietary information is secured. CACs give companies greater visibility into how workers are using the cloud and limiting access where appropriate.
Onsite Helper partners with Clear Login who provide a “Single Sign On” portal. This portal allows for a main user account to be setup where all cloud based applications can be managed through one portal either through their Windows login (Active Directory) or Cloud email service like Google for Work. Authentication of the cloud application is required before they are added onto the portal. This service provides a simple way for staff to access their cloud applications. Further, once users leave the business the main account can be reset to withdraw access.
Additional security provided by Clear Login is the ability to apply multi-factor authentication to all the cloud apps. This will prevent unauthorised access to cloud services in the event that one of the passwords has been compromised. This normally involves an additional code supplied to the user before access can be attained. To simplify the process, a whitelist can be setup so that, for example, outside office hours this multi-factor authentication is active. It provides an additional level of security.