The Chief Information Officer (CIO) wants to increase security and accessibility among the organization's cloud SaaS applications.
The applications are configured to use passwords, and two-factor authentication is not provided natively.
Which of the following would BEST address the CIO's concerns?
Click on the arrows to vote for the correct answer
A. B. C. D.D.
The Chief Information Officer (CIO) wants to improve security and accessibility for the organization's cloud SaaS applications. The applications use passwords for authentication, and two-factor authentication is not available natively. To address these concerns, the following solutions are proposed:
A. Procure a password manager for employees to use with the cloud applications. B. Create a VPN tunnel between the on-premises environment and the cloud providers. C. Deploy applications internally and migrate away from SaaS applications. D. Implement an IdP that supports SAML and time-based, one-time passwords.
A password manager is a software tool that generates, stores, and retrieves passwords for different online accounts. This solution can address the security concern by encouraging employees to use strong, unique passwords for each account. However, it does not provide two-factor authentication, which is a more secure form of authentication.
Creating a VPN tunnel between the on-premises environment and the cloud providers can address the security concern by encrypting all traffic between the two environments. However, it does not provide two-factor authentication for the SaaS applications.
Deploying applications internally and migrating away from SaaS applications can address the security concern by providing more control over the applications' security. However, this solution requires significant effort and may not be practical for all organizations.
Implementing an IdP (Identity Provider) that supports SAML (Security Assertion Markup Language) and time-based, one-time passwords can address both security and accessibility concerns. SAML is an open standard for exchanging authentication and authorization data between parties, and time-based, one-time passwords provide an additional layer of security for authentication. An IdP can centralize authentication and provide single sign-on (SSO) for all SaaS applications, making them more accessible for employees.
Therefore, the best solution to address the CIO's concerns is D. Implement an IdP that supports SAML and time-based, one-time passwords.