SSO, MFA & PAM Documentation

Use Case 1: On Premise Single Sign-On (SSO), Multi-Factor Authentication (MFA) & Privileged Access Management (PAM)

Use Case 1 Scenario

Lets create a general set of policies to handle log in's from internal (On Premises) people.

Policy examples

  1. Enrolled Devices will use Multi-Factor Authentication (MFA)
  2. If the device is not enrolled in MFA, either enroll or block the device for access requests
  3. On Premises inside Geo-Fencing - Require 2 Factor (Username/Password + CAC Card)
  4. On Premises privileged account access inside Geo-Fencing - Require 3 Factor (Username/Password + CAC Card + Facial)
  5. On Premises outside Geo-Fencing - Require 4 Factor (Username/Password + CAC Card + Retina + Fob)
  6. Logging into normal account requires only Multi-Factor Authentication
  7. Logging into a High Risk privileged account access falls under PAM policies after MFA
SSO MFA Use Case 1