Secure Federated Access

Transition to the Cloud Without Risks or Weaknesses

Secure Federated Access

Moving to the cloud often causes security to become fractured and inconsistent compared to on-premise controls. It opens up new and unknown risks and its hard to know who is accessing what. The Preempt Platform’s Secure Federated Access application ensures comprehensive and consistent visibility and enforcement that extends across all enterprise cloud-based assets.  Now enterprises can easily see behavior of all identities, and make smart, adaptive enforcement decisions based on risk and complete enterprise context.  Download full data sheet here.

Preempt and Microsoft ADFS

Preempt integrates with Microsoft’s Active Directory Federation Services (ADFS) as an authentication provider extending visibility and control to federated cloud applications, including Office 365, Salesforce, Workday, and others. Organizations can also extend adaptive threat prevention and policy enforcement to these applications never possible before. Instead of including MFA for federated applications where users are challenged every time, now an MFA challenge can be triggered based on situational policy, observed risks and behavior. For example, MFA could only be required on a first access, or alternately based on the user’s device, change in observed behavior, or a risky configuration.

Seamless Security to the Cloud

Integration with Cloud SSO such as Okta and Azure SSO ensures organizations retain full context over all user activities whether the assets used are on the on-premise network or in the cloud. Additionally policies between Preempt and Okta ensure on-premise controls follow users to the cloud.

Security analysts can easily see all user behavior, challenge suspicious application behavior in the cloud, and identify risky configurations. AWS and Azure Virtual Private Cloud (VPC) deployments are also supported. Preempt grows in lock step with your network whether on premise or in the cloud, and retain the same visibility, policy enforcement, and threat prevention.

Extending Beyond Access to Threat Prevention

Instead of basic access control, access can now be addressed in a dynamic and adaptive way. Instead of a one-time allow/deny, access decisions can adapt to the situation. As observed risks change, users can be challenged in real-time to verify identity. Additionally, the solution can identify signs of malicious or attack behavior such as lateral movement, signs of compromised credentials, privilege escalation or dangerous tools and protocols. Instead of simply focusing on access, now organizations can extend their full capability of threat prevention to the cloud.