Identity and Access Controls

 

Two-Factor Authentication (2FA)

Two Factor Authentication, also known as 2FA, two step verifications or TFA (as an acronym), is an extra layer of security that is known as "multi factor authentication" that requires not only a password and username but also something that only, and only, that user has on them, i.e. a piece of information only they should know or have immediately to hand - such as a physical token.

Using a username and password together with a piece of information that only the user knows makes it harder for potential intruders to gain access and steal that person's personal data or identity.

Data Loss Prevention (DLP)

Scarlett’s Data loss prevention (DLP) is the strategy used to ensure that sensitive data is not lost, misused, or accessed by unauthorized users. DLP software products classify and protect confidential and critical information to prevent end users from accidentally or maliciously sharing data that could put the organization at risk. Data loss prevention software and tools monitor and control endpoint activities, plus filter data streams on corporate networks and protect data as it moves.

The driving forces behind adopting DLP are Insider threats and tightened state privacy laws that include strict data protection and access control requirements. As employees, partners, and contractors create, manipulate, and share data, they work on and off the network, on corporate and personal devices, and in the cloud. Potential insider threats loom behind every click, and the corporate network and sensitive data are at risk.

Email is an especially important consideration of data loss prevention strategy because so much sensitive data and information is shared through email today. Business-critical communication also relies on email, which poses a threat to organizations if employees fail to follow corporate policies for handling sensitive/confidential data. Organizations need to be sure they are adopting DLP software and tools that can secure corporate email communications without hindering worker productivity.

 

Single Sign-On (SSO)

Scarlett’s SSO will enable Customer’s users to gain access to all applications (cloud, on-premises, or mobile) using a single set of credentials. SSO can even be paired with 2FA for automatic authentication. The main role of Single Sign - On is to enforce uniform enterprise authentication and authorization policies across the enterprise. SSO provides users with the convenience of having to remember only a single set of credentials. This also improves security as users find it easier to remember their credentials and do not have to write them down, allowing for a more efficient user logon process.

Single Sign-On (SSO) is a property of access control of multiple related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them. As different applications and resources support different authentication mechanisms, Single Sign-On must internally translate and store credentials for the different mechanisms, from the credential used for initial authentication.

Advantages of Single Sign-On (SSO)

Advantage #1: Reducing password fatigue from different user name and password combinations: That means that users do not need to remember and manage multiple passwords. It’s clear that users hate complex passwords; SSO reduces the number of complicated passwords they have to remember, so users have just one password to remember, and enterprise gains more control to enforce stringent requirements. The phrase to the IT helpdesk - “I need to reset my password” would stay in the past.

Advantage #2: Improve user experience through automatic login: Usability and user experience are one of the key drivers for the long-term adoption of technologies in any organization. While it may seem simple, users appreciate when IT saves them time and effort so that they can focus more on their work and less on tech and remembering passwords. Allowing for automated login to other collaboration and communications applications such as Microsoft Lync, SharePoint websites and corporate intranets after providing credentials just once, IT can make more friends in the user community and contribute to the adoption of deployed technologies.

Advantage #3: Improved Security: When SSO is deployed properly, it could really lead to security improvement and then users are relieved of the multiple-password burden. SSO systems are often based on complex systems management applications which can centralise authentication on special servers. This centralization requires more planning, tuning and auditing to prevent malicious access than single authentication systems do. Actually, SSO systems have more secure storage of authentication credentials and encryption keys.

Advantage #4: Easier Accounts Management: SSO makes it easy to manage accounts in one go and gives clear visibility of what is available to whom. It provides a simple, clear interface for identity management and permissions across all integrated systems. It also allows you to set up roles to cover access rights across multiple systems and multiple user groups. 

 

 Password Management

The Scarlett Group will implement a comprehensive password management solution to encourage users to generate and use complex passwords with ease. A major benefit of using a password manager is that you only need to remember a single master password. This allows you to easily use unique, strong passwords chosen for each of your online accounts. Just remember one strong password and the manager will take care of the rest.