Unauthorized access to sensitive data is a major threat to any business. With Akku, it is possible to limit access to company applications only from specific IP addresses and approved devices through its IP-based and device-based restriction functionalities. With these restrictions in place, you can prevent unauthorized users from accessing your organization’s data, and also stop authorized individuals from compromising the security of your environment.
What’s more, with Akku acting as the identity provider across your applications and providing your administrators with one-point control, it is easy to revoke access to any user or device as soon as any suspicious activity is detected.
Akku provides your administrators with the ability to create a list of whitelisted IP addresses to limit access to your organization’s applications from unauthorized IP addresses. Each time a sign in attempt is made through Akku, the source IP address is identified and those that are outside of the list are restricted from gaining access.
Through Akku’s IP-based restriction, the versatility the cloud can be harnessed without compromising on data security.
Akku uses a platform- and browser-agnostic certificate-based authentication architecture to set up device-based restrictions. This is in contrast to the plugin- or agent-based methods used by most other IAM solutions.
When a user logs in through Akku for the first time, a downloadable certificate is sent along with a one-time password required to install the certificate. If the administrator has set a device-based restriction for the user, the device in which the certificate has first been downloaded and installed is treated as the authorized device for the user.
Once installed, the certificate cannot be reused or downloaded again for installation - either on another device, or even the same device, without admin intervention. This makes the set up tamper-proof and highly secure.