Glass Class - Taking down Account Hijackers
Welcome to Glass Class. Today we're going to be talking about user session management. A user session is defined as a specific period of time that a user with a particular IP address spends at a particular website. It's important to be able to control user sessions because it helps you to secure your cloud applications. So, a cloud application security system really needs to incorporate session control.
Some of the things that it needs to be able to look for are periods of inactivity - for example, if a user logged in to Google Apps and left their desktop unattended and went somewhere else. Well, you don't necessarily want somebody else to jump on that computer and have access to their account.
You want to look for suspicious user alerts. So, if I log in to grab my email in Palo Alto and then five seconds later I'm trying to get my email in Brazil, then you know that's probably a compromised account. Or things like login failures - if I try to log in to my Box account five times in a row and I still don't have the right password.
Now, in the event any of these kinds of activities are detected, a session policy should be able to take actions. For example, to force reauthentication (force the user to log in again), or even to step up the authentication (forcing them to log in with their password and also a code that is texted to their cell phone), or maybe you want to delay the login by two, five, or ten minutes before the user is allowed to log in again. Finally, you may just simply want to allow that session to continue as it is, or you may want to alert the administrator.
Now, not all cloud applications, unfortunately, have these rich sets of controls for the user sessions. With Bitglass, on the other hand, you can get a granular level of control about what actions can be taken in the case of these events, and this will apply across all your cloud applications - allowing you to feel safe and secure as you move your data from on-premises to the cloud.
Thank you for joining us for Glass Class.