As we read in the “Harnessing Intelligent Digital Identity Risk Management with Identity and Access Management” blog post, establishing digital trust in web security without affecting user experience is critical. Organisations need to balance robust security requirements of their systems whilst ensuring users can easily access the applications they need and also feel “secure”.
In the SaaS landscape, we often take for granted or simply trust those protections in place; whether they are or not, and to what degree, is a series of blog articles of its own! If you are an application owner, running in your own container or infrastructure, the onus is on you to instrument your application with detection and mitigation. Without specialist teams and skills, this can be a challenging exercise.
Thankfully, IBM Security has a solution for this. For decades IBM has invested heavily in a security-first design paradigm which has been powering enterprise grade security for several of its clients including Fortune 500 companies. IBM Trusteer specialises in identifying digital identity risk based on machine learning algorithms powered by AI. This can be easily integrated into your existing applications using IBM Security Access Manager.
IBM Security Trusteer provides the risk detection, intelligence insights and risk assessment; IBM Security Access Manager provides the instrumentation, single sign-on, end to end integration and most importantly the mitigation through conditional access and multi-factor authentication.
System Overview
In a traditional IBM Trusteer Pinpoint deployment, instrumentation must occur in the application itself which includes code updates, testing, deployment and so on, as well as infrastructure requirements such as certificates, DNS updates. Developers, DevOps and EnvOps engineers all need to become “Trusteer aware”.
When deploying IBM Security Access Manager, many of these tasks can be accomplished with “out of the box” ISAM features and in most cases, with only minor client specific application “tweaks.”
An integrated deployment
When the integrated solution is deployed using IBM Security Access Manager (ISAM), you can take advantage of the sophisticated features of IBM Trusteer for real-time fraud and risk, provide strong authentication and context-based access plus auditing and reporting to your Security Operations Centre (SOC), all without modifying your applications.
ISAM enables rapid Trusteer deployment by
- ISAM appliance
- Logging and auditing for SIEM analysis and correlation, for example with IBM Security QRadar
- Load balancing and high availability/disaster recovery (HA/DR)
- Web Reverse Proxy
- Provision of user and session management requirements
- Runtime insertion of Trusteer detection code and application callbacks
- Built in support for MFA challenge pages that can be customised and branded
- Certificate and DNS management streamlining
- Traffic routing and management through multiple junction types
- Advanced Access Control
- Querying Trusteer at runtime for a risk recommendation of the current session
- Multi-factor authentication to mitigate and enforce based on the Trusteer recommendation
Not limited to traditional web apps, you can also take advantage of the Trusteer Mobile SDK for your native iOS and Android apps.
Want to know more or request a demonstration
Contact your IBM account representative who can arrange a demonstration of both the Cloud Identity and Security Access Manager scenarios powered by IBM Trusteer.
Even Cloud Identity and Security Access Manager can be integrated together to help you transition to Cloud with native and hybrid Cloud deployments supporting your traditional managed applications.
Establish digital trust for your organisation, secure your applications and protect your users with IBM Security today.