SSO Plus Icon - Single Sign-on Services

Access Control

Secure Multicloud Identities with Advanced Access Control

Protect what matters with access management solutions from CloudGate UNO. It can easily audit user privileges and protect your organization from unwanted threats.

Hero Image | Access Control
Home Features Access Control

What is Access Restriction?

Access restriction is a mechanism to limit access routes to linked cloud services. By restricting access in accordance with corporate security rules, important information assets can be protected from threats such as unauthorized access.

Access Control | Access Control
Adoption of the Zero Trust Model

Restrict Access with Zero Trust SSO solution CloudGate UNO

With the spread of cloud services, cyber attacks such as unauthorized access have increased. For future network security, the zero-trust concept of “not trusting all access” in restricting access to linked services is essential.

CloudGate UNO is designed to provide customers with more secure access to cloud services, CloudGate UNO adopts a single sign-on function based on the zero-trust model to enable customers to use cloud services more securely. To achieve secure sign-on, access to cloud services can be restricted by by specifying who, what, when, where, and how to sign on.

ゼロトラストSSOソリューション CloudGate UNOでアクセス制限を | Access Control

Flexible access conditions to suit each individual’s working style

As a way to prevent unauthorized access to important corporate information while taking advantage of the convenience of cloud services that can be accessed from anywhere at any time, access restrictions that limit the environments in which you can log in to cloud services are essential.

CloudGate UNO can set multiple access conditions and authentication methods for each service according to the security level and usage environment, realizing flexible access restrictions for the Zero Trust era.

Access Control | Access Control

For example:
• Restrict access to inside the company only (IP address restriction)
• Restrict cloud services that can be accessed from outside the company (authorized service restrictions)
• Enable access from outside the company to PCs taken out by employees or departments who often go out (terminal restrictions)
• Allow access only on specific corporate devices (Terminal restriction by certificate CloudGate certificate)
• Temporarily allow access from certain countries, such as when traveling (Access restrictions by country)
• Use a strong authentication method for identity verification only for cloud services that handle confidential information (Authentication method setting)

By setting a security profile that combines the above access rules for each user, it is possible to achieve flexible access restrictions that match each individual’s work style.

What Access Restrictions Can Solve

SSO Solve 1 - Single Sign-on

Access restrictions that incorporate the concept of Zero Trust are a countermeasure against cyberattacks that are increasing year by year.

SSO Solve 2 - Single Sign-on

By changing the security rules for each cloud service, stricter management of confidential information within the company.

SSO Solve 3 - Single Sign-on

The authentication method can be flexibly changed according to the work location and work content, and remote work can be realized in a secure environment.

Smartphone Restriction Icon

Allow access only from specific devices

Device restrictions by browser

Allows access only to terminals (web browsers) that have cookies registered, and limits the terminals that can access. For example, a cookie can be registered on a company-issued device to restrict access from other devices, and similarly, access from personal devices such as employee smartphones can be restricted.

Device restriction by certificate (CloudGate certificate)

By installing a device certificate on the terminal in advance, CloudGate UNO checks whether the accessing terminal has the device certificate and blocks access from the terminal that does not have the device certificate.
Even if your login ID and password are known to a malicious third party, you can prevent unauthorized access from devices that do not have a device certificate.

SSO Feature 1 - Single Sign-on
Userhub Icon

Access restrictions at specific locations (IP addresses)

By registering a global IP address that allows access, you can limit the locations that can be accessed. For example, by registering the global IP address of the office, you can restrict access only from within the office. Also, by registering multiple IP addresses, access from each location is possible even if there are multiple offices.

SSO Feature 1 - Single Sign-on
Userhub Icon
Time & country-based

Allow access only for certain time zones and countries

Allow access only to specified days, hours, and countries, and restrict time zones and countries. For example, for users who work fixed hours, such as part-time workers, it is possible to restrict the login time frame for accessing the cloud services.

* “Time restrictions” is a restriction function for login only, and cannot restrict logout.

SSO Feature 1 - Single Sign-on
Userhub Icon
Cloud App-based

Allow access from outside the company only to specific cloud services.

Cloud services such as groupware allow access from outside the company, but services that handle sensitive information can be restricted to internal access only.

SSO Feature 1 - Single Sign-on
Biometrics Icon
Enhanced Authentication

Enhanced authentication methods for specific cloud services

By registering cloud services that allow access (authorization service), you can limit the cloud services that can be accessed. For example, access to cloud services such as groupware can be permitted from outside the office, while access to services that handle confidential information can be limited to within the office.

SSO Feature 1 - Single Sign-on

CloudGate UNO Access Restriction Method

Security Profile Icon
Security Profile

Create a profile according to your security settings, can be applied per user.

Access Restrictions

Security Profile Icon
Terminal Limit
  • • Access is permitted only from terminals (web browsers) in which cookies are registered, and terminals that can be accessed are restricted.
  • • The administrator can limit the number of PCs, smartphones, etc. that can be registered for one user.
Security Profile Icon
IP Address Restrictions
  • • Allow access only from the specified global IP address (IP address) and restrict the IP addresses that can be accessed.
  • • You can set multiple IP addresses to allow.
Security Profile Icon
Access restrictions by time and country
  • • Restrict the time zone and country that can be accessed by permitting access only for the specified days, hours, and countries.
Security Profile Icon
Authorized service limit
  • • Restrict cloud services that can be accessed by allowing access only from specified cloud services.
  • • You can set multiple permitted cloud services.
Security Profile Icon
Identity (Authentication)

• Authentication is performed according to the matching conditions.

  • • Passwordless authentication with FIDO2
  • • Biometric authentication (fingerprint authentication, face authentication)
  • • Multi-factor authentication by device
  • • One-time password authentication (OTP)

List of Access Restriction services

Device Restriction by Certificate - CloudGateUno
Device Restriction by Certificate

Device certificates are easy to use for system administrators and users alike, and provide robust security without compromising the convenience of SSO.

Smart Device Security - CloudGateUno
Smart Device Security

Introducing CloudGate UNO’s security features that enable more secure use of smart devices such as smartphones and tablets.

Dedicated Mobile Administrator Screen - CloudGateUno
Dedicated Mobile Administrator Screen

When an administrator is out of the office or out of business hours, when a user requests an account lock “unlock” and an urgent response is required, it is possible to easily unlock by accessing the dedicated administrator screen from a smartphone.

CloudGate UNO helps organizations implement a Zero Trust approach to security.

Contact us
CG Logo

A trademarked single sign-on service solution of International Systems Research Co. (ISR) that provides reliable and affordable strong authentication service for cloud services.

google partner badgegoogle partner badge

©1993 - 2024 International Systems Research Co. All Rights Reserved.