One of the biggest benefits of cloud computing is the level of accessibility it enables – from anywhere, and at any time. However, it is important to set up certain restrictions in order to protect your sensitive applications and privileged user accounts from being compromised.
One such important security measure involves setting up a device policy within your organization.
What is a device policy?
In essence, a device policy is a set of rules that users are to follow within an organization in order to prevent accidental or intentional compromise of company data. A device policy gives administrators better control over what can and cannot be done by end users, especially with regard to how they use company-owned devices as well as their own personal devices to access company applications and data.
A device policy is important because it limits user access to one or more critical applications and protects your network against potential threats from unauthorized access.
Akku’s device-based restriction
Akku, the Identity and Access Management (IAM) solution from CloudNow, comes with a device-based restriction through which you can:
-
-
- Prevent access to sensitive applications from non-company-owned devices
- Protect privileged user IDs and admin IDs – by allowing them to be accessed only from recognized devices
- Maintain filters for company-owned devices even outside the local network
-
Here’s how Akku’s device-based functionality works.
Certificate-based Authentication
Akku uses a certificate-based authentication method which is platform- and browser-agnostic. When users, for whom device-based restrictions are to be implemented, log in to their applications through Akku (the identity provider) for the first time, a downloadable self-signed certificate by Akku is sent to the user along with a one-time password.
Whichever device this certificate has been downloaded in, it will be considered the default device for the user and the user will not be able to log in using any other device.
Tamper-proof Technology
Content filters – website filtering, YouTube filtering, personal email filtering, and so on – that have been set up for the user are automatically applied to their device where the certificate is installed. Even if the device is taken outside the office network, the same filters will continue to apply.
Once installed, the certificate cannot be reused or downloaded again and, therefore, cannot be installed on another device without admin intervention. This prevents any attempt by users to bypass the restriction.
With Akku, you can also set up IP-based restrictions, location-based restrictions, and time-based restrictions as well. In short, Akku can help you leverage the cloud while letting you stay in complete control. To know how these functionalities work, book a demo today!
