An organisation’s digital resources are a major asset. Enabling colleagues to gain access to them, with as few barriers as possible, is critical to maximising their use. Yet at the same time, as organisations depend more and more on networked resources, databases and cloud storage, they must protect these assets against unscrupulous individuals or organisations who may attempt to access them.
IP recognition is the most commonly used way information managers enable access to online information. But attackers' methods are becoming increasingly sophisticated and IP recognition is easily circumvented. Equally IP recognition does not work in circumstances where access to resources forms part of a member organisation benefit package or where users are geographically scattered.
A new white paper from identity and access management software developer OpenAthens argues that, as attackers' methods become more sophisticated, there is a need to move towards more secure methods of access management.
The white paper, 'Approaches to Authentication', discusses alternatives to IP recognition-based systems. Such alternatives include OpenAthens, which connects users with content using a SAML-based single sign-on approach. SAML – Security assertion markup language – is a protocol for exchanging security information between identity providers and service providers, while keeping user login details private. This reduces friction for users – once they have signed into their account, they have seamless access to their institution’s resources – but the additional level of security also is important in keeping these connections secure.
OpenAthens' use of SAML allows publishers to identify potential misuse of user credentials – highlighting those who are bulk downloading or scraping information, and tracking unusual activity spikes or potential sharing of login details.
Not only does SAML provide a secure information access environment, it also provides a better user experience by facilitating more personalisation. The content – and even the design – of a service can be tailored to suit individual needs.
More information: http://openathens.org/resources/white-papers/approaches-authentication-whitepaper/