Unauthorized access to sensitive data is a major threat to any business. With Akku, it is possible to limit access to company applications only from specific IP addresses and approved devices through its IP-based and device-based restriction functionalities.

With these restrictions in place, you can prevent unauthorized users from accessing your organization’s data, and also stop authorized individuals from compromising the security of your environment.

This is of even greater importance in today’s remote and hybrid operations, with users operating from outside your organization’s firewall.

What’s more, with Akku acting as the identity provider across your applications and providing your administrators with one-point control, it is easy to revoke access to any user or device as soon as any suspicious activity is detected.

IP and Device Based Restriction
Akku Eliminate the threat of unauthorized access by limiting your cloud to trusted sources.

Akku provides your administrators with the ability to create a list of whitelisted IP addresses to prevent access to your organization’s applications from unauthorized IP addresses. Each time a sign-in attempt is made through Akku, the source IP address is identified and those that are outside of the list are restricted from gaining access.

Through Akku’s IP-based restriction, the versatility of the cloud can be harnessed without compromising on data security.

Akku uses a platform- and browser-agnostic certificate-based authentication architecture to set up device-based restrictions. This is in contrast to the plugin- or agent-based methods used by most other IAM solutions.

When a user logs in through Akku for the first time, a downloadable certificate is sent along with a one-time password required to install the certificate. If the administrator has set a device-based restriction for the user, the device in which the certificate has first been downloaded and installed is treated as the authorized device for the user.

Once installed, the certificate cannot be reused or downloaded again for installation - either on another device, or even the same device, without admin intervention. This makes the setup tamper-proof and highly secure.