Contextual Access Management

Contextual Access Management

Contextual access in the context of enterprise remote access refers to the concept of granting or restricting access to resources based on various contextual factors. Instead of relying solely on traditional methods like username and password, contextual access takes into account additional parameters to make access control decisions. These parameters may include:

User Identity: The individual attempting to access the system.

Device Information: Details about the device used for access, such as its type, operating system, and security posture.

Location: The physical or network location from which the access request originates.

Time of Access: The specific timeframe during which access is requested.

Security Compliance: Ensuring that the device complies with security policies and has the necessary security software and configurations.

By considering these contextual factors, organizations can implement a more dynamic and adaptive access control system. For example, a user might have different levels of access when attempting to log in from their office computer during regular working hours compared to accessing the system from a public Wi-Fi network during the weekend.

Contextual access enhances security by providing a more nuanced and adaptive approach to access control, reducing the risk of unauthorized access. This approach aligns with the principles of zero trust security, where trust is never assumed and must be continuously verified based on the current context of the user and their device.

InstaSafe Secure Access (ISA) provides the following contextual access features:

Geo Binding - Geo Binding helps ISA administrators to restrict the ISA User Agent connection to specific countries, thus further securing remote access to corporate resources.

Device Binding - Device Binding ensures that the users are allowed to make connections only from those devices registered in the ISA web console. This will eliminate attacks due to stolen or shared passwords. A user can be bound to multiple devices. 

Device Checks - Enables administrators to define rules that check endpoint devices for mandatory compliances. These rules determine whether a device is allowed to connect. As a result, non-compliant endpoints are prevented from accessing corporate resources.

Two-Factor Authentication (2FA) – 2FA or MFA adds one more layer of security to the ISA User Agent connection process, in addition to the username-password and certificate method of authentication. 



    • Related Articles

    • InstaSafe Secure Access Architecture

      Product Overview InstaSafe Secure Access (ISA) is an innovative enterprise remote access software solution based on software defined perimeter delivered as a service. It provides enterprises a simplified setup to secure and manage application access. ...
    • MacOS ISA App Connection Error "This computer is not approved for use with InstaSafe Secure Access"

      This Article highlights the steps to be taken in case users are unable to connect the ISA App on macOS and the error message received is "This computer is not approved for use with InstaSafe Secure Access" Issue The ISA App on MacOS doesn't connect ...
    • What is InstaSafe Zero Trust Network Access?

      InstaSafe combines the disparate needs of security and access of the digital worker into a single cloud delivered scale-out platform, that can be deployed in minutes, and managed via intuitive policy-based management. It introduces a new software ...
    • Access Rules

      Access control rules are used to allow access to specific Applications or Application Groups from particular Users or User Groups. These are identity based rules that permit access on the basis of the Role of the users in the organization as opposed ...
    • Access Log

      This KB article describes the information listed on the Access Log page and how to manage them. The LOGS & REPORTS > Access Log page lists the ISA web console login sessions. Each entry on the page contains the username of the user, the page on the ...