Geofencing: Secure Access Based on Location

Cyber security is challenging enough when employees are inside the four walls of an office. Now that many companies are supporting a remote workforce, the complexity only increases. Each additional device, Wi-Fi network, and user accessing organizational resources has the potential to expose the business to more cyber threats. It’s more important than ever to keep potential hackers out, while still making it easy to let employees in.  

Rather than blanket restrictions that add obstacles for employees and slow down everyday tasks, organizations need flexible yet granular security policies to control employee access. With LastPass Identity, contextual policies like geofencing give admins more control to determine what’s “safe” and what’s not, so employees inside and outside the office can work efficiently while would-be attackers are locked out. 

Why geofencing matters 

LastPass Identity offers over 100 customizable policies that help admins administer security requirements and mitigate potential threats across an organization. When supporting a remote workforce, it’s even more important to ensure that only the employee is the one with access to company services and resources.  

Geofencing policies ensure remote work is more secure by restricting employee access based on geographic location. Even with employees out of the office, admins can still restrict access to approved home or travel locations. Anyone trying to log in from somewhere else is instantly blocked. 

With a geofencing policy in place, admins can more accurately restrict access to the right people, and significantly reduce the risk of a data breach. 

Using the geofencing policy in LastPass 

When enabling the geofencing policy, admins can create customized green zones and red zones that define where and where not employees can authenticate from when using multi-factor authentication. 

A green zone is a trusted geographic area where employees can authenticate from. A green zone would typically encompass any office locations. In a business supporting a remote workforce, it would also include known home locations. If any employees are traveling, it could be customized to include other locations for that specific employee.  

A red zone, in contrast, is a location where someone would be specifically blocked from logging in. Most likely, it includes locations where employees do not travel and where the business does not operate. It could even include locations from which previous cyberattacks originated.   

Green and red zones can be adjusted as employees join and leave the organization, or as needs change over time. The granularity of the geofencing policy ensures employees have easy access even when working remote, while reducing the threat of unauthorized access. 

Watch our video to learn more about the benefits of a geofencing policy with LastPass Identity.