With remote work rapidly becoming the norm, traditional access control policies that govern how access is granted and under what circumstances are in desperate need of a makeover. Implementing access control policies that enable additional security measures like MFA during logins is essential. However, enforcing a stringent blanket rule will introduce unnecessary hassles for on-premises users.
Wouldn’t it be great if you could automatically implement additional security measures for high-risk events such as a remote desktop connection at non-business hours or users accessing an application containing sensitive data? With ADSelfService Plus, you can!
ADSelfService Plus’ conditional access feature helps automate access control decisions based on factors around a user’s access request or login. It lets you improve your organization’s security posture without affecting the user experience.
What is conditional access?
With conditional access, parameters such as the source IP address, time of access, device, and geolocation are analyzed, and access policies are automatically assigned based on this data. Some of the common scenarios and the corresponding security measures that can be applied using conditional access are:
Mandating biometric authentication during IT admin logins.
Allowing access only from authorized machines to important applications through single sign-on (SSO).
Enforcing three levels of authentication for password reset requests from untrusted IPs or from computers that are not joined to the domain.
To implement conditional access, you simply need to configure conditions based on the context of the user, and associate them with appropriate access policies.
Using ADSelfService Plus’ conditional access helps organizations:
Implement access controls without IT administrator intervention.
Avoid unnecessarily strict security measures that impact the user experience in no-risk scenarios.
Learn more about how ADSelfService Plus’ conditional access feature can help streamline access control decisions in your organization.