Applications have escaped from the data center. Your business may have applications running in many different environments serving users who switch between locations and devices rapidly. As your infrastructure evolves to meet the challenges of this dispersed, interconnected world, you need to re-evaluate your authentication and access management solutions.
Are usernames and passwords sufficient for a world where hackers are constantly trying to steal passwords through software or social engineering? Should you treat a user on a corporate-managed machine on a company site the same as you would a user coming in using their personal device from a café on the other side of the world? While the easy answer to these questions is “no,” the idea of actually doing anything about the situation might seem overwhelming. The good news: finding solutions to difficult problems is what IT is all about.
For critical systems, simple usernames and passwords might be too weak to be the only authentication method. For the new world of the dissolved perimeter, you need context. Where is the connection coming from; is the source IP address suspicious? Is it a corporate-managed device? What time of day is it? Once you have a solution that can capture and use that contextual intelligence, you can decide which controls to apply to any given situation.
Do you need two-factor authentication? One-time passwords or a flat denial? With a flexible authentication solution, you can apply different controls to the same user depending on where they are, what device they are using, and when they are attempting access. This gives you the control to impose the correct level of authentication while minimizing the friction for valid users as they log into systems. A key factor here is single sign-on; once your users have authenticated once, they can be seamlessly signed into other applications for a set period of time.
The technology to implement this kind of solution is essentially an intelligent authentication proxy. This kind of service provides a centralized user login facility, which establishes a user’s identity in one or more ways, then proceeds to authenticate them into different applications, possibly by dissimilar authentication schema.
To function efficiently, this service requires several features: compatibility with a number of authentication systems, an easy-to-configure access policy, and the ability to authenticate users into a range of applications. Add in some centralized management and you have a comprehensive access and identity solution that is ready to provide secure and appropriate access control for your applications—no matter where they are.
About the Author
Related Blog Posts
F5 accelerates and secures AI inference at scale with NVIDIA Cloud Partner reference architecture
F5’s inclusion within the NVIDIA Cloud Partner (NCP) reference architecture enables secure, high-performance AI infrastructure that scales efficiently to support advanced AI workloads.
F5 Silverline Mitigates Record-Breaking DDoS Attacks
Malicious attacks are increasing in scale and complexity, threatening to overwhelm and breach the internal resources of businesses globally. Often, these attacks combine high-volume traffic with stealthy, low-and-slow, application-targeted attack techniques, powered by either automated botnets or human-driven tools.
F5 Silverline: Our Data Centers are your Data Centers
Customers count on F5 Silverline Managed Security Services to secure their digital assets, and in order for us to deliver a highly dependable service at global scale we host our infrastructure in the most reliable and well-connected locations in the world. And when F5 needs reliable and well-connected locations, we turn to Equinix, a leading provider of digital infrastructure.
Volterra and the Power of the Distributed Cloud (Video)
How can organizations fully harness the power of multi-cloud and edge computing? VPs Mark Weiner and James Feger join the DevCentral team for a video discussion on how F5 and Volterra can help.
Phishing Attacks Soar 220% During COVID-19 Peak as Cybercriminal Opportunism Intensifies
David Warburton, author of the F5 Labs 2020 Phishing and Fraud Report, describes how fraudsters are adapting to the pandemic and maps out the trends ahead in this video, with summary comments.
The Internet of (Increasingly Scary) Things
There is a lot of FUD (Fear, Uncertainty, and Doubt) that gets attached to any emerging technology trend, particularly when it involves vast legions of consumers eager to participate. And while it’s easy enough to shrug off the paranoia that bots...