Conditional access for your IT environment

Numerous organizations have adopted remote work policies to meet current demands. While remote work brings various advantages, it also makes an organization more susceptible to cyberattacks like RDP-based brute force attacks. Organizations should improve their access policies to suit this transition to remote work. ADSelfService Plus' conditional access feature reduces the burden on admins by automating access policy enforcement.

Automate access control.

With ADSelfService Plus, access control decisions for the IT environment and resources can be made automatically
in real time based on four contexts:

 

IP address

Manage access according to the user's IP address. Mark individual or a range of IP addresses as trusted or not trusted.

 

Device type

Alter the extent of access based on the device type (computer or mobile device) and OS (Windows, macOS, or Linux).

 

Time of access

Open up access to resources only during business hours or increase security measures during non-business hours.

 

Geolocation

Restrict or enable access based on where the user is accessing the network or resources from.

Manage Active Directory password and account security without admin intervention.

Conditional access can be used to enable or disable the following features based on context:

When a user attempts to log in to their machine, tries to access an application via SSO, or performs any of the self-service features in ADSelfService Plus, the user's contextual data is analyzed and appropriate access policies are assigned based on this data.

Benefits

  • Save time and resources spent on creating multiple access policies to suit your dynamic workforce.
  • Avoid unnecessarily strict access policies imposed in no-risk scenarios while maintaining your organization’s security posture.