Subscribe to more awesome content!

Why Identity Management Matters in Finance

Ready to regain IT productivity? Securely provision and deprovision users with ease using Single Sign-On.

What is Identity and Access Management?

According to Gartner, Identity and Access Management (IAM) is the security discipline that enables the right individuals to access the right resources at the right times for the right reasons. IAM addresses the mission-critical need to ensure appropriate access to resources across increasingly heterogeneous technology environments.

Enterprises traditionally used on-premises IAM software to manage identity and access policies, but nowadays, as companies add more cloud services to their environments, the process of managing identities is getting more complex. Therefore, adopting cloud-based Identity-as-a-Service (IDaaS) and cloud IAM solutions becomes a logical step.

Beyond Username and Password

screen-shot-2016-10-07-at-10-09-16-am

Building modern authentication goes beyond usernames and passwords and provides a framework for managing identity. In the financial world, security is critical and every minute counts. Typing in a username and password to gain access to a web service may have worked in the past, but has significant drawbacks today.

  • Security: Users tend to reuse the same credentials across multiple logins leaving them susceptible to hacks outside of your control. Modern security means adding additional measurements like multifactor authentication and breached password detection.
  • Administration & Governance: Managing access to web based services can be a logistical nightmare for services that don’t have single sign on capability.
  • User Experience: Having to remember and manually enter another set of credentials costs precious time that users simply do not have to spare. Single Sign On provides your users with a seamless authentication experience to all of the applications they need.

Why Financial Institutions Need Modern Authentication

Modern authentication goes beyond the login screen. Enterprise federation and single sign on gives administrators a piece of mind as they’ll be able to easily provision and deprovision users. Auditing, monitoring and enforcing security policies is another major benefit with modern authentication systems.

In the past, each service a company subscribed to required a separate set of credentials. These credentials were scoped to the service, which presented a logistical nightmare for administrators when provisioning and deprovisioning users. This also presented a number of security risks and other headaches.

Enterprise federation, most commonly referred to as single sign on (SSO), solves many of these problems by:

  • Establishing a single source of truth for user identity
  • One set of credentials allows a user to login to many services
  • A user only needs to authenticate once to gain access to all allowed services
  • Centralized provisioning and deprovisioning of users and services
  • Granting governance of the user store to the company, rather than a third party
  • Ability to add and manage extra security features, MFA, password policy, etc.

Compliance and Certifications

Auth0 is SOC 2 Type II certified – an independent auditor has evaluated our product, infrastructure, and policies, and certifies that Auth0 complies with their stringent requirements.

Auth0 offers HIPAA BAA agreements to companies in the healthcare industry that must comply with HIPAA regulations for safeguarding patient privacy and sensitive health information.

Auth0 conforms to the OpenID Connect protocol, and our products are certified by the OpenID Foundation, of which we are active members. We strive to use open standards and specifications to deliver excellent interoperability for our customers. Auth0 helped in defining the protocol and are sponsoring OpenID Connect.

Auth0 conforms with the brand-new EU-US Privacy Shield Framework for regulating privacy in data flows between the European Union and the United States. This Framework replaces the EU-US Safe Harbor Framework repudiated in 2015.

Identity Management Done Right

Auth0 can authenticate your users with any identity provider running on any stack, any device or cloud. It provides Single Sign-On, Multifactor Authentication, Social Login, and several more features.

In terms of authorization, you can use the power of the rules engine to define coarse-grained authorization — that is, rules that dictate who can login (for example: at what times, from which locations and devices, and so on).

Auth0 also has a group memberships feature that can be exposed to the application (for example: group memberships in Active Directory, in Azure Active Directory, in the user’s metadata, and so on); based on that, you can do more fine-grained authorization (where only users in a particular group can access some applications).