Access Management from A to Z with Thales and SafeNet Trusted Access

Last updated: 01 October 2019


Thales brings to the market SafeNet Trusted Access, an intelligent access management service that allows customers to enforce the perfect balance between user convenience and secure access to all apps. SafeNet Trusted Access offers flexible access management through a simple-to-use policy engine that gives customers real-time control over the ability to enforce policies at the group or application level. The policy engine supports a broad range of authentication methods, including ones already deployed, allowing organizations to leverage their current investments and use them to secure cloud and web-based services.

By combining SSO, risk-based policies and universal authentication methods, SafeNet Trusted Access gives organizations the power and flexibility to secure access to all apps, simplify the login experience, and effectively manage risk.

A. Access Policies:  Fine-grained access policies define which users can access which applications, using which authentication methods. Access policies can be defined flexibly per app(s) and user group(s), addressing functional business needs (e.g. policy for VPN, specific portals and apps, etc.) and compliance needs (e.g. PCI DSS, NERC, CJIS, PSN). For example, a time management application may require minimal access controls, whereas the corporate VPN requires a more stringent access policy.

B. Business Development:  SafeNet Trusted Access makes it easy to extend secure access to business partners and contractors, leveraging smart single sign-on and context-based authentication for securing access to multiple applications with the least amount of user effort.

C. Cloud Compliance:  There are many different regulations that govern identity management within the cloud such as GDPR, HIPAA, EPCS and more.  SafeNet Trusted Access can easily help you manage all compliance requirements with customizable access policies to help you comply seamlessly.

D. Data Driven Insights:  Enabling organizations to fine-tune access policies over time, STA provides pass/fail authentication stats per application, per policy and per time period (e.g. day, week etc.). Information such as originating IP address provides increased visibility into the source of each access attempt, while the reason for failed or denied access attempts provides information that is instrumental in helpdesk support inquiries and security or compliance audits.

F. Flexibility:  SafeNet Trusted Access addresses all use cases, setting up policies to accommodate diverse user groups, risk levels and compliance mandates. Policies are designed specifically for enterprise use cases, including secure access by employees and business partners. STA’s intuitive console makes it easy to create, manage and maintain the policies you need in real time.

G. Grid or Pattern based Authentication:  Thales’ GrIDsure flexible authentication method allows an end-user to generate a one-time password without the requirement for hardware tokens or software applications. GrIDsure tokens work by presenting the end-user with a matrix of cells which contain random characters, from which they select a ‘personal identification pattern’ (PIP).  Whenever a user wishes to authenticate to a protected resource, they are presented with a challenge grid containing random characters. The user then enters the characters in the cells that correspond to their PIP.
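A minimal sketch of the challenge-grid flow described above, added here as an illustration and not Thales or GrIDsure code. The 5x5 grid, digit-only cells, four-cell minimum pattern and the names `GridVerifier`, `new_challenge` and `expected_response` are assumptions.

```python
import hmac
import secrets

GRID_SIZE = 5            # assumed grid dimensions (5x5)
ALPHABET = "0123456789"  # assumed cell alphabet
MIN_PIP_CELLS = 4        # assumed minimum pattern length

def new_challenge(size=GRID_SIZE):
    """Build a fresh grid of random characters, as a list of rows."""
    return [[secrets.choice(ALPHABET) for _ in range(size)] for _ in range(size)]

def expected_response(grid, pip):
    """Read the cells named by the PIP, in order; pip is a list of (row, col)."""
    return "".join(grid[r][c] for r, c in pip)

class GridVerifier:
    """Server side: holds each user's PIP and at most one open challenge."""

    def __init__(self):
        self._pips = {}     # user -> PIP (a real service would protect this at rest)
        self._pending = {}  # user -> outstanding challenge grid

    def enroll(self, user, pip):
        pip = list(pip)
        if len(pip) < MIN_PIP_CELLS:
            raise ValueError("pattern too short")
        if any(not (0 <= r < GRID_SIZE and 0 <= c < GRID_SIZE) for r, c in pip):
            raise ValueError("pattern cell outside the grid")
        self._pips[user] = pip

    def challenge(self, user):
        # A new grid per attempt: the same pattern yields a different
        # one-time response each time, and the pattern itself is never sent.
        grid = new_challenge()
        self._pending[user] = grid
        return grid

    def verify(self, user, response):
        # The challenge is consumed whether the attempt passes or fails,
        # so a captured response cannot be replayed against the same grid.
        grid = self._pending.pop(user, None)
        if grid is None or user not in self._pips:
            return False
        want = expected_response(grid, self._pips[user])
        return hmac.compare_digest(want.encode(), response.encode())
```
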

H. HIPAA:  HIPAA, also known as The U.S. Health Insurance Portability and Accountability Act, mandates that all healthcare organizations comply with strict rules designed to protect the confidentiality and integrity of patient information.  SafeNet Trusted Access is HIPAA compliant.

I. IT Admins:  SafeNet Trusted Access lets you offer convenience to end-users while ensuring secure access to cloud applications. By centrally defining and enforcing access policies, IT administrators get a single pane of glass for all cloud applications, removing the need to access numerous cloud platforms to manage and troubleshoot users. SafeNet Trusted Access simplifies cloud adoption with fast and simple set up, and easy management, while reducing help desk tickets associated with password resets.

L. Logs:  Easily export logs of all access attempts from your SafeNet Trusted Access portal.  This can be used as an efficient way to review user logins, as well as to help you stay compliant if such information is requested.

M. MFA:  Multifactor Authentication serves a vital function within any organization: securing access to corporate networks, protecting the identities of users, and ensuring that a user is who he claims to be.

O. OTP:  SafeNet’s One-Time Password (OTP) Authentication products generate highly secure one-time passwords ensuring that only properly authenticated users are authorized access to critical applications and data.  SafeNet OTP authenticators are available in both time- and event-based versions, never expire, and require no battery replacements. They also comply with OATH standards and are ideal for remote access solutions.

P. Passwordless Authentication:  Traditional passwords have many downfalls. The average user has 27 different applications which need verification. Choosing a different password for each app becomes cumbersome, and most often the same password is just reused, which greatly compromises security.  Passwordless authentication offers the user a way to verify themselves while not having to remember or manually type passwords, which in turn provides stronger security and fewer breaches.

R. Right user, Right app:  By having a granular level of access policies, you can easily ensure that a single user, or group of users, has the right access to the right applications at the right time.

S. Smart Single Sign On:  Smart Single Sign-On lets users log in to all their cloud applications with a single identity, eliminating password fatigue, frustration, password resets and downtime.

Users log in to all their cloud apps using their current enterprise identity (e.g. john.doe@gemalto.com) – the same identity they use to log in to the network in the morning or their VPN at night. Depending on the access policies defined, users may authenticate just once in order to concurrently gain access to all their cloud applications. For applications that require stronger access controls, they can be required to elevate trust with an additional authentication factor.

T. Tokenless Authentication:  SafeNet Trusted Access supports several different kinds of tokenless authenticators including: SMS, Push OTP, Software Authentication, Grid or Pattern Based Authentication.  Utilizing this solution is a great way to offer your end user both security and convenience.  Prevent hacking attempts and breaches by circumventing the need to provision and ship a physical token.

U. Universal Authentication:  SafeNet Trusted Access supports universal authentication schemes and context-based authentication, ensuring organizations meet their risk management needs. Organizations can leverage the authentication schemes already deployed in their organizations and complement them with the authentication offered by STA.

W. When and Where:  SafeNet Trusted Access allows you to set access policies based on both time and location.  If a user is trying to access a particular application after normal work hours, you can restrict or allow it.  Similarly, if you notice an access attempt from an unusual location or IP address, you can restrict the access as well.

Z. Zero Trust:  Zero trust is a security model based on the principle of maintaining strict access controls and not trusting anyone by default, even those already inside the network perimeter.

Discover all of our Access Management products and learn how you can improve your data security strategy during this age of digital transformation.
