The road to GDPR compliance can be a long and complex one, but AudienceProject is here to help you and your organization prepare for the journey and at the same time improve your ease of using our many products. That is why, today, we start rolling out our new unified Single Sign-On solution.
Introducing the AudienceProject Single Sign-On
With Single Sign-On we are introducing a new centralized login-service, new upcoming layers of drive encryption and an improved user administration center in order to allow you to see and audit your team’s members, admins and settings as well as making it easier to login across all products.
The new service grants you full control of your various product-accounts, data, and users located within the AudienceProject platform. It also enables you to activate 2-factor authentication and unified login functionality.
Why Single Sign-On?
With the new GDPR requirements the security of data storage, transfers and processing become even more critical to every organization.
The GDPR requires “appropriate technical and organisational measures” across the board and also stresses the need for secure IT networks that can resist “accidental events or unlawful or malicious actions” that may compromise the confidentiality of stored or transmitted personal data, and “the security of the related services offered by, or accessible via, those networks and systems.”
AudienceProject offers a robust platform infrastructure that enables you to ensure:
Well-defined data-ownership and improved transparency of user-access to data
Whether it’s critical data or accounts containing data, the GDPR will require organizations to have the appropriate access policies in place. In order to help you enforce such access controls our new unified identity management system enables the administration of users and access to product accounts within an organization.
Going forward, all accounts and users will be tied to an Organisation. And different access-levels, as well as user-levels for each user within an Organisation, will be available. The end-goal is to allow you to grant the right individuals access to the right resources at the right times and for the right reasons.
Clients are granted full administrative rights
Within each Organisation a subset of users can now be granted administrative rights which enables you to add and remove users, add and revoke permissions as well as audit users access to various services within your organization.
Improved access-control infrastructure
AudienceProject’s new Single Sign-On solution is based on a platform that supports multi-factor authentication and encryption of data-at-rest and in-transit. The solution is HIPAA eligible and PCI DSS, SOC, ISO/EIC 27001, ISO/EIC 27017, ISO/EIC 27018, and ISO 9001 compliant.
What will change from a user perspective?
As a regular User
Switch between accounts by clicking the account icon and name in the header – the above example is taken from AudienceReport. Please note that the icon placement may vary a bit between UserReport and AudienceReport.
Centralized login. No matter which product or account you want to access? You can login once from any AudienceProject website or product. Try it
No more multiple user logins for different accounts. Going forward there will be only one verified identity per user. If you have had multiple logins in the past? They have been merged into your primary user mail.
Multi-account access switcher. Once you have logged in, you can access all accounts that your administrator(s) have granted you access to through the new account switcher located in the header.
Manage your account and Device access controls. The new solution allows each individual user full overview of which devices they have associated when they have been logged in? And from where? Passwords, profile and login sessions can be controlled directly by each and every user.
Ability to enable 2-factor. Two-factor authentication has become one of the best ways to ensure the only person logging into your account is you, and it’s an excellent way to prevent brute force attacks and hacks when passwords have been compromised. By requiring a second form of verification, 2-factor is the next level of security—and it offers better peace of mind. We strongly recommend that every one enables 2-factor authentication. It has been mandatory for all AudienceProject employees for years.
As an account owner
The new administrative overview gives you an overview of your entire organization, associated accounts, users and permission.
Administrative overview. We now offer administrators a full overview of their entire organization, associated accounts, users and permission through our new administrator interface. You now have the power to invite, delete and modify users and permissions across your entire organization.
SAML and 2-factor support. In order to better support your organization’s internal security policies, we will offer SAML 2.0 support for user directory control as well as the possibility to enforce 2-factor authentication across your organization. These features are scheduled to be rolled out during May.
Future security features.Two additional Single Sign-On features are gradually being rolled out as we complete our beta-testing in the upcoming weeks.
Adaptive authenticationWhen AudienceProject’s Single Sign-On solution detects unusual sign-in activity, such as sign-in attempts from new locations and devices, it assigns a risk score to the activity and lets you choose to either prompt users for additional verification or block the sign-in request. Users can verify their identities using SMS or a Time-based One-time Password (TOTP) generator, such as Google Authenticator.
Protection from compromised credentialsAdvanced security features for AudienceProject Single Sign-On helps protect your organization’s users from unauthorized access to their accounts using compromised credentials. When we detect that users have entered credentials that have been compromised elsewhere, it automatically prompts them to change their password.
When will the new Single Sign-On solution be available to me?
Gradual rollout is starting today. Over the coming days, more and more clients will be migrated and the new features gradually enabled during May.