5월 27, 2020

Azure Active Directory integrations bring risk-adaptive authentication and access

Mattia Maggioli

Authentication is the process of determining whether someone is who they declare themselves to be. It is is the first step every user encounters in their daily computing life. Many companies today rely on Microsoft’s Active Directory technology for identity management. That’s why our team worked to offer Azure Active Directory (Azure AD) integrations with Forcepoint CASB and Forcepoint Behavioral Analytics. These integrations give our customers a way to scale a risk-adaptive approach to identity management and cloud application access.

Azure AD manages internal and external application access in the cloud

Since its introduction almost 20 years ago, Microsoft’s Active Directory technology is something many companies use for identity management. Azure AD is the cloud-based iteration of the company’s identity and access management service.Azure AD helps employees sign in and access resources across internal resources such as apps on corporate network and intranet, along with any cloud apps developed by the organization.  It also assists in the process of accessing external resources like Microsoft Office 365, the Azure portal, and thousands of other SaaS applications.

As part of the sign-in experience for accounts in Azure Active Directory, users can authenticate in multiple ways:

  • Traditional username and password
  • Microsoft Authenticator App passwordless sign-in
  • OATH hardware token or FIDO2 security key
  • SMS-based passwordless sign-in

Individualized, adaptive security is more effective than blanket policies

Even though policies for individuals can have some level of flexibility, most organisations tend to apply policies to all users within a group regardless of the risk profile of each user. This results in unnecessary complex steps for low-risk users accessing ordinary applications, and weak authentication challenges for privileged users logging into critical systems.

Forcepoint Behavioral Analytics enables security teams to proactively monitor for high-risk behavior inside the enterprise. Our security analytics platform provides unparalleled context by fusing structured and unstructured data to identify and disrupt malicious, compromised, and negligent users. We uncover critical problems such as compromised accounts, corporate espionage, intellectual property theft, and fraud.

Forcepoint CASB discovers cloud application use, analyzes risk, enforces appropriate controls for SaaS and custom applications and identifies anomalous and risky user behavior in the cloud to stop malicious users, as well as clamp down on user activities that don’t meet organizational standards.

Both products calculate a risk score for each user identified either on-premise or in the cloud based on logs, events and activities observed across applications, services and networks. The risk score is driven up and down based on user behavior and interaction with data, so that this information can be used to dynamically adjust authentication policies configured within an external Identity Provider like Azure Active Directory.

Azure AD Integration delivers risk-adaptive authentication and access

Forcepoint developed two integrations with Azure Active Directory (AD) to provide customers with automated risk-adaptive authentication policies into Azure AD based on the risk score calculated by either Forcepoint CASB or Forcepoint Behavioral Analytics.

Watch these videos to learn more about the technical implementation, see a live demo of how an increasingly risky user is challenged with different authentication steps and get the Integration Guide with software packages from the description of each video.


First up is Forcepoint Behavioral Analytics and Azure Active Directory:


Next is the Forcepoint CASB and Azure Active Directory integration video:

Mattia Maggioli

Mattia leads the software engineering arm of Forcepoint Innovation Labs which provides design, prototype and POC capabilities to a wide array of integration activities between Forcepoint and 3rd party products, supporting business with a global ecosystem of technology partners and introducing...

Read more articles by Mattia Maggioli

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.