<img src="//pixel.quantserve.com/pixel/p-_JKXxuL8SR7wu.gif?labels=_fp.event.Default" style="display: none;" border="0" height="1" width="1" alt="Quantcast">
blog-banner.jpg

Next-Gen CASB Blog

Office 365 Security - Controlling Identity Sprawl

By Rich Campagna | September 17, 2015 at 6:30 AM

This is Post #2 in a five-part series on Securing Office 365 (Post #1). In this post, we'll tackle the topic of Identity Sprawl. 

The adoption of many cloud applications in the enterprise was ad hoc, with individual accounts created within each cloud app instead of consolidation on the existing identity and authentication systems used for internal applications. This has lead to difficult-to-manage provisioning and deprovisioning, and a proliferation of usernames and passwords for employees— a situation that causes frustration, productivity loss and calls to the help desk. Employees with too many passwords are also more likely to reuse them or write them down on sticky notes, adding to the likelihood of compromised passwords.

THE SOLUTION: SINGLE SIGN-ON (SSO) & MULTI FACTOR AUTHENTICATION

Deploying an SSO system so that employees have just one password to remember and manage for all cloud applications can drastically reduce the attack surface that hackers can use to steal your data. SSOs also give you control over the access point to your Office 365 application. They allow you to manage every account through Microsoft Active Directory, so that if you deactivate an account, the user is automatically locked out of all company systems. No more worrying about what information employees may have squirreled away in their cloud apps after they’ve left the company.

Many organizations also opt to employ multi- factor authentication as an added security mechanism. Multi-factor authentication comes in many different forms (hard tokens, soft tokens, SMS, etc), but is not a capability offered by a cloud app vendor like Microsoft. To achieve this added security requires third party technology via an Identity & Access Management product.

Pro Tip: An increasing number of Cloud Access Security Brokers include built-in identity and authentication capabilities, allowing you to consolidate products (and budget) as you seek to fill the gaps in Office 365.


Stay tuned to find out more about Securing Office 365, and don't forget to subscribe to the blog to get new posts in your inbox!

 


To help provide more color on Office 365 security challenges, we have created The Definitive Guide to Office 365 Security. We're providing the entire document via a series of posts on this blog. Of course, if you binge watched all of Game of Thrones on Netflix in one sitting, you might want to binge-read the Definitive Guide by "streaming" it to your device right here