With more and more employees working from home, it’s now more important than ever to ensure the security of your SaaS applications. With so many remote workers, the context and security of their access is more ambiguous and it is important to validate the user's identity and apply controls when the security of their device or the location they are accessing applications from is unknown.
Beyond applying contextual access controls per application, Bitglass provides companies the ability to apply global controls over login attempts to help validate user identities or prevent suspicious access attempts.
Bitglass’ global login policies provide admins greater control over blocking logins, performing additional identification steps such as multi-factor authentication (MFA), expiring sessions, or even identifying and preventing suspicious access attempts based on granular contextual variables. This granular control ensures that users and your applications are always protected regardless of the situation: applying controls based on the user/group, location (both geographic or IP), or even the device (distinguishing between managed and unmanaged devices). For example, users working remotely can be required to perform an MFA check in addition to their IdP login, or perhaps not requiring users on managed devices in a location where security posture is known to do an additional MFA check. Admins can ensure sessions expire across all protected applications after a certain period of inactivity or can even force sessions to expire and block logins outside of a specific time range when dealing with contractors and strict overtime rules. Possibly one of the most important abilities is to identify and block or control suspicious login attempts – such as a user account logging into protected applications from two different locations within in a short period of time. This can help surface compromised credentials in a situation where users are spread out versus when they are all in the same corporate office.