Enrolling applications
The process of application enrolment is superbly implemented. We've seen many other SSO applications use the same (or a similar) method but none have got it so right.
As a CAM administrator you visit the site hosting the web app you want to control and go to its standard login page. From the CAM cloud icon, choose the Application Admin option and it'll display an enrolment page in the lower right corner.
Here, you can edit the name of the web app, the domain, landing page details plus application category and enable authentication. Next, you click on the username box in the web page and select Choose in the CAM window. This'll enter the relevant details for you and colour the box red.
Do the same for the password box and the details submit button and you're done. Moving to the admin portal shows the new app is ready and waiting to be controlled. By default, all user and group access is blocked and you can enable this as you see fit.
The enrolment process is so simple. Here we are adding the IT Pro login page to the CAM admin portal
SSO and data redaction
Enabling authentication controls for a web app activates SSO enrollment. The user enters their normal credentials at the next login after which CAM changes them and stores them securely in the cloud.
When the user next selects the web app from their CAM portal, all login details are handled transparently. This solves two problems as users no longer know their login details so can't write them down or circumvent CAM and access web apps or sites from an unprotected device.
Built in data leakage controls allow you to decide what web page components or fields are presented to the user.
We could disable functions such as data export, block specific financial data from being shown in Salesforce, whilst Facebook can be controlled down to each individual function.
Here we've redacted costings from the Salesfore web page so standard users can't see this information
Up and coming features
At present data leakage controls are not present in the admin portal as SaaSID adds them for you on demand. In the next release, you will be able customise these fields yourself.
We also took a peek at the new Knowledge Centre portal which provides customisable pages with detailed information about individual web apps and all user activities. Speedometer dials and graphs keep you in the loop on web app usage and you can keep an eye on non-productive web access.
You can see all web site access per user, check on Salesforce activities such as failed or good logins plus exported reports and drill down in each one for more detailed information. SaaSID even has iPad admins on its radar as the portal background and colour schemes can be changed so they're easier to read.
The next release will include SaaSID's slick new Knowledge Centre reporting tool
Conclusion
SaaSID's CAM is the simplest means of controlling web app usage we've yet seen and it can be easily extended to BYOD users. The app enrolment process is slick and the next version will add more user access controls and sophisticated auditing and reporting.
Verdict
Controlling access to web apps and BYOD users doesn’t get easier than this. Agent deployment takes seconds and other SSO vendors should look at SaaSID’s app enrollment process to see how to do it properly.
Supported browsers: Microsoft IE6 upwards, Google Chrome, Mozilla Firefox, Apple Safari
Platforms: Windows XP upwards; Apple Mac OS X 10.6/10.7, Linux (Chrome and Firefox only), iOS 5.0 upwards
Dave is an IT consultant and freelance journalist specialising in hands-on reviews of computer networking products covering all market sectors from small businesses to enterprises. Founder of Binary Testing Ltd – the UK’s premier independent network testing laboratory - Dave has over 45 years of experience in the IT industry.
Dave has produced many thousands of in-depth business networking product reviews from his lab which have been reproduced globally. Writing for ITPro and its sister title, PC Pro, he covers all areas of business IT infrastructure, including servers, storage, network security, data protection, cloud, infrastructure and services.