The major new addition to the platform is Identity Store, a privacy-first and developer-focused SaaS user directory, designed to protect the identities of contractors and others outside a companies full-time workforce, while also protecting the Right to be Forgotten.
Irvine CA-based secure identity provider SecureAuth has announced the latest release of their IDaaS [Identity as-a-Service] solution. The new release responds to specific issues raised by COVID-19, although the release is also designed for the hybrid, post-COVID world as well. Highlights include Identity Store, a privacy-first and developer-focused SaaS user directory, and a SecureAuth Mobile SDK, to provide invisible multi-factor authentication within a branded mobile app.
“We have really seen the identity marketplace change, and the pandemic is the source for it,” said Mike Williams, Chief Revenue Officer at SecureAuth. “The identity dilemma is now to accommodate across multiple platforms, and to know who is connecting to your network. It was there to some degree before the pandemic, but the big change now is in the scale.”
Williams said as the pandemic has also brought with it the acceleration of the threat environment, with more creativity in attacking and breaching companies, this plays to SecureAuth’s strength in the identity market, which is security.
“Our roots are in security, while our major competitors started in Single Sign-on,” he stated. “We are a security company, and have been since 2005. That’s why we have a tremendous amount of enterprise customers.”
Williams also stressed that while the IAM market generally is hybrid in terms of direct and channel, which the channel sales being in the minority, SecureAuth pivoted to a 100% channel strategy several years ago, which they have fully achieved.
“My sales team focuses entirely on the channel,” he said. “We don’t say it, we do it.”
The spotlight component within the new release is the SecureAuth Identity Store, a privacy-first and developer-focused SaaS user directory aimed at complying with new privacy requirements while at the same time providing full security for non-core or contingent worker user accounts, which have been a prime way for intruders to gain access to a network.
“Customers want to know the identity of everyone who contacts their company, not just their full-time workforce, but contractors, suppliers and seasonal workers,” said Dusan Vitek, Director of Product Marketing at SecureAuth. “Identity Store was built to focus on those gray sources, non-core workforce identities.”
Vitek said that there have been major flaws in how the industry has approached this subject.
“Historically, there have been two approaches,” he said. “One is Active Directory, which is the Go-To choice for many, but it is very expensive for seasonal workers. The other is for an organization to ask developers to build a SQL server solution that will only be used by them.”
“Most people now are solving that problem with homegrown solutions,” Williams pointed out.
“With the rise of importance of Personally Identifiable Information, and then GDPR, followed by CCPA, the Right to be Forgotten became a key component of Identity Store,” Vitek said. “We took that concept of privacy first to provide business owners and IT with the ability to request the Right to be Forgotten through either API or self-service.”
SecureAuth uses the AWS platform and Identity Store lets developers deploy a new cloud directory in a specific region, like AWS Frankfurt, within the SecureAuth global cloud infrastructure. This vertical scalability gives companies a great deal of control over where and how they store user data.
“We designed this to be developer first,” Vitek stressed.
The new lightweight, privacy-focused cloud directory from SecureAuth is designed with built-in privacy controls allowing companies to meet regional regulatory requirements for PII and user data management.
Also new in this release is the SecureAuth Mobile SDK, an invisible 2FA offering that lets consumer brands rapidly increase the security of their customer accounts. When a customer needs to sign into a web interface or confirm a specific action, the mobile app will alert them, and they can confirm the sign-in, without the need to build an authentication stack.
The release also adds MFA to Windows, Mac and Linux workstations and servers logins for SecureAuth Endpoint, and adds a fully passwordless experience where the password is replaced by two other factors, a biometrics-based WebAuthn and a PIN. PIN protection has also been added for all FIDO2 WebAuthn-compliant portable authenticators such as the YubiKey 5 hardware key. When implemented with FIDO2 discoverable credentials, this combination allows for fully passwordless MFA.
Finally, SecureAuth IDaaS now allows admins to incorporate a questionnaire as part of the adaptive login flow and to block user login or to redirect the user to a specific app based on user responses. For example, the company can prevent login within corporate facilities if the user experiences Covid symptoms, but will allow the same user to sign in from home.