Determining Access Requirements for High-Risk Users in the Cloud Authentication Service

Document created by RSA Information Design and Development on Apr 23, 2018Last modified by RSA Information Design and Development on Aug 23, 2019
Version 16Show Document
  • View in full screen mode

You can determine authentication and access requirements for users who are identified as high risk. These might be users whose accounts have been compromised, or for whom a third-party security information and event management (SIEM) solution, such as RSA NetWitness, has found suspicious activity. You can configure access policies that require additional authentication for users on the high-risk list or deny them access to protected resources.

Note:  This feature is available only for Premium Edition.

To use this feature, do the following:

  1. Ensure that high-risk users coming from third-party applications are identified as high risk in the Cloud Authentication Service. Use one of the following methods:

  2. Configure access policies to use the High-Risk User List attribute. For instructions, see Add an Access Policy

Note:   The High-Risk User List attribute is different from the Identity Confidence attribute. The High-Risk User List attribute establishes that a user is high risk based on data obtained from a third-party. The Identity Confidence attribute allows the Cloud Authentication Service to establish high or low confidence in a user's identity based on data the service has collected about user behavior over a period of time.

 

 

We want your feedback! Tell us what you think of this page.

You are here
Table of Contents > Cloud Administration APIs > Determining Access Requirements for High-Risk Users in the Cloud Authentication Service

Attachments

    Outcomes