Accelerate Your Cloud Transformation and Secure Your Hybrid Infrastructure with SafeNet Trusted Access

SafeNet Trusted Access is a cloud-based access management solution that makes it easy to manage access to both cloud services and enterprise applications with an integrated platform combining single sign-on, multi-factor authentication and scenario-based access policies.

Businesses and organizations looking to accelerate the deployment of cloud services for end users encounter hurdles to efficiently managing online identities and access security, while ensuring user convenience and regulatory compliance.

SafeNet Trusted Access simplifies user access to cloud services, streamlines cloud identity management, and helps eliminate password hassles for IT and users, while providing a single pane view of access events across your app estate to ensure that the right user has access to the right application at the right level of trust.


SafeNet Trusted Access – Identity-as-a-Service

SafeNet Trusted Access is a cloud-based access management service that combines the convenience of cloud and web single sign-on (SSO) with granular access security. By validating identities, enforcing access policies and applying Smart Single Sign-On, organizations can ensure secure, convenient access to numerous cloud applications from one easy-to-navigate console.

Smart Single Sign On (SSO)

Smart Single Sign-On lets users log in to all their cloud applications with a single identity, eliminating password fatigue, frustration, password resets and downtime. SafeNet Trusted Access processes a user’s login requests and ensures that SSO is applied intelligently, based on previous authentications in the same SSO session and the specific policy requirements applicable to each access attempt. In this way, users may authenticate just once in order to access all their cloud applications, or provide additional authentication as configured in the policy.

Robust Multi-Factor Authentication (MFA) & Authenticator Options

SafeNet Trusted Access supports numerous authentication methods and allows you to leverage authentication schemes already deployed in your organization. Support for the broadest range of authentication methods and form factors, combined with context-based authentication, enhances user convenience and allows you to manage risk by elevating trust only when needed.

Flexible Scenario-Based Access Policies

SafeNet Trusted Access offers flexible access management through a simple-to-use policy engine that gives customers real-time control over the ability to enforce policies at the individual user, group or application level. The policy engine supports a broad range of authentication methods, including ones already deployed, allowing organizations to leverage their current investments and use them to secure cloud and web-based services.

Rapid Deployment, Scalability & Value

As a cloud-based service, SafeNet Trusted Access can be deployed rapidly and can scale easily to meet your organization's evolving needs. Easily add hundreds of users or differentiate user groups across countries to apply regional compliance controls. In addition, SafeNet Trusted Access offers a wide range of authentication types bundled with the service at no additional cost.

SafeNet Trusted Access Benefits:

  • Fast and easy cloud access through Smart Single Sign-On
  • A single pane of glass for centralized user access control
  • Optimized security through fine-grained access policies
  • Visibility into all access events for simplified compliance
  • Secure access for partners and contractors
  • Identity-as-a-service efficiencies


SafeNet Trusted Access from Thales

Authentication Service Private Cloud Edition (SAS PCE)

SafeNet Authentication Service Private Cloud Edition (SAS PCE) is an on-premises authentication solution that delivers fully automated, highly secure authentication with flexible token options that are tailored to the unique needs of your organization, substantially reducing the total cost of operation.

SafeNet Authentication Service (SAS) PCE offers:

  • Reduced IT management overhead thanks to fully automated lifecycle administration of users, permissions and tokens, including provisioning, updates and revocation, and automated alerts and reporting.
  • Broad use case coverage, with support for VPNs, VDI, cloud applications, local network access, and web portals.
  • Broad integration ecosystem, enabling integration with any enterprise application using SAML 2.0, Agent or API.
  • Increased user convenience thanks to frictionless authentication methods and federated login, which lets users log in to their cloud applications with their current enterprise identity.
  • Shared services with multi-tier architecture, which significantly simplify the management of accounting, billing, inventory and security policies across business units, departments and subsidiaries. Policies can be inherited from higher tiers and customized as needed.
  • Easy migration from third party authentication solutions, enabling an incremental move from an existing solution whilst protecting organizations’ current authentication investments.

Fully Automated Management

  • Fully automated lifecycle administration of users, permissions and tokens
  • Automated threshold and event-based alerts
  • Over-the-air provisioning of soft tokens and tokenless methods
  • User self-service portals that reduce help desk overhead

Broad Integration Ecosystem

  • 150+ fully tested out-of-the-box integrations
  • Secure any enterprise use case: network logon, Cloud (SaaS), VDI, VPN, web portals and custom applications
  • Authentication SDK offers broad APIs for authentication, administration, self-service and web services, free with platform

Multi-tier/Multi-tenant Architecture

  • Accommodates multiple business units, clients, regions and groups
  • Allows delegation of administration to local or remote staff
  • Fully customizable security policies, fully brandable interface
  • Shared services model enables accounting and inventory management per BU

Broad Choice of 2FA Methods and Tokens

  • Context-based authentication
  • OTP soft tokens (OTP apps) for mobile, desktop and Mac
  • OTP hardware key fob tokens
  • OOB via push notifications
  • OOB via email or SMS
  • Pattern-based authentication (GrIDsure)

Standards-based Security

  • FIPS 140-2 validated soft tokens
  • DSKPP secure provisioning soft tokens
  • Hardware-based root of trust (token secrets and encryption keys secured in an HSM)

Flexible As-a-Service or On-Prem Delivery

  • SafeNet Authentication Service Private Cloud Edition - For on-premises deployment

SafeNet Authentication Service PCE Benefits

Low Total Cost of Operation

  • Simple, low, per-user pricing model with no hidden or additional costs
  • Large-scale automation, user provisioning, and user self-enrollment


SafeNet FIDO2 Devices

Arming your Enterprise with Strong & Secure Passwordless Authentication

As enterprises enter the 2020s, expand their digital transformation and move to the cloud, the majority of security breaches are related to identity theft. Many organizations have invested in strong authentication schemes, including PKI-based authentication.

These organizations now face the challenge of having to address new use cases, while maintaining the optimal balance between security and convenience.

Switching to a Passwordless world

FIDO2 is the umbrella term for the FIDO Alliance's newest set of specifications. FIDO2 enables users to capitalize on common devices to authenticate easily to online services in both desktop and mobile environments. FIDO2 expresses the industry's solution to the global password challenge and addresses all of the concerns of traditional authentication:

How can organizations achieve a seamless and passwordless logon experience from all devices? How can organizations address new use cases without having to rip and replace their authentication methods? Thales, the world leader in digital security, addresses these issues with two SafeNet FIDO2 compliant devices: the SafeNet IDPrime 3940 FIDO (Smart Card) and SafeNet eToken FIDO (USB token). The FIDO card and the FIDO token enable organizations to secure cloud adoption and bridge secure access across hybrid environments via an integrated access management and authentication offering.

FIDO Authentication Solutions

FIDO2 and PKI Support, All in One Device

The SafeNet IDPrime 3940 FIDO Smart Card is designed for PKI-based applications and comes with a SafeNet minidriver that offers perfect integration with native support for Microsoft® environments, without any additional middleware. This dual-interface smart card, allowing communication either via a contact interface or via a contactless ISO14443 interface, is also compatible with some NFC readers.

USB Token with Touch Sense Options

The SafeNet eToken FIDO is a USB token, an ideal solution for enterprises looking to deploy passwordless authentication for employees. This authenticator is a compact, tamper-evident USB with presence detection, which creates a third factor of authentication: Something you have (physical token), something you know (PIN), something you do (touching the token).

PKI Benefits for Customers

One of the biggest benefits of the offering is that organizations that rely on PKI authentication can now use a combined PKI-FIDO smart card to facilitate their cloud and digital transformation initiatives by providing their users with a single authentication device for securing access to legacy apps, network domains and cloud services.

SafeNet IDPrime 3940 FIDO and SafeNet eToken FIDO both support FIDO 2.0 standards and are compatible with Microsoft Azure Active Directory accounts. Both devices are FIDO2 and U2F FIDO certified.

Arm your enterprise with strong and secure passwordless authentication to any environment.

Benefits include:

  • Secure cloud adoption and bridge secure access across hybrid environments with a combined PKI/FIDO smart card
  • Easy access on multiple operating systems.
  • Passwordless access to cloud apps & network domains
  • Single authenticator for all users' needs
  • CC certified
  • Supports all devices and OS (without middleware deployment)
  • Ideal for digital signatures and email encryption.

