Home / Exciting tips / Web / Secure, Cloud-Based Identity Management with Teamstack (Review)

Secure, Cloud-Based Identity Management with Teamstack (Review)

HR is a challenge, but in the digital age where decentralized teams work asynchronously across actual hundreds of apps–each requiring a separate login–securely managing credentials can become paralyzing. Enter Teamstack: the automated, cloud-based identity management tool trusted around the globe by startups and Fortune 500 companies alike.

Secure, Cloud-Based Identity Management with Teamstack

So, what can Teamstack do for you? Put as simply as possible: it reduces the logistical overhead and risk involved in ensuring each member of your team has access to the mission-critical apps they need, when they need it (and not a moment longer).

Whether you’re onboarding a new hire, saying goodbye to former team members, or restructuring working groups on the fly to fit new projects, Teamstack has you covered. You’ll always have full control over who has access to what, and in real time. Imagine: provisioning and authentication made easy, without the need for expensive IT solutions or a bloated HR department.

If that caught your attention, let’s take a closer look at Teamstack.

Short on time? Here’s Teamstack in a nutshell

Like any solution you’ll actually use, Teamstack operates on the cloud. Here, you have a central location where you can choose which users go in what group, then set group permissions to access the apps they’ll need to complete the project at hand. What’s more, Teamstack fully integrates with over 500 of the world’s most-used apps, including G Suite, AWS, and Slack (with new apps added on a regular basis).

While Teamstack’s streamlined interface is simple to use, it offers incredible depth of customization. With a single click, you can customize multiple authentication factors, provisioning, and even SAML-powered password-free logins.

Running a small startup on a shoestring budget? Teamstack is available to you 100% free of charge and obligation. Everyone else from SMBs to Enterprise enjoys competitive rates and customized packages. Whatever the case, you’ll find friendly faces and knowledgeable minds at Teamstack Support ready to address your needs.

Digging deeper – Teamstack’s key benefits and features

Teamstack empowers teams and enhances company security within six main buckets:

1. Cloud Directory

Ready to assemble your dream team? Teamstack’s Cloud Directory centralizes your efforts into one secure, convenient web interface. Mix and match user profiles into and out of groups, setting permission levels and authentication methods as needed. You can create blanket permissions across teams, designate group access to specific apps, or both. Worried about security? Don’t be–all user information and passwords are locked behind military-grade encryption, available only to whom you designate access.

Need to suspend a user for any reason (vacation, sick, abducted by aliens)? With a single click, you can revoke access to anyone at any time. What’s more, Teamstack makes it easy to keep track of everyone’s status (Active, Suspended, Invited, Archived) and activity through comprehensive user logs.

As the scope of your project evolves along with your need for various personnel, Cloud Directory automatically synchronizes user data to keep up. Teamstack’s handling of permissions, authentication, compliance, and group management is as fluid and flexible as you need it to be.

2. One-Click Provisioning

Flexibility is one thing, simplicity is another. Teamstack knows this, and puts a heavy emphasis on making everything as easy to use as possible. Whether you’re adding or removing individual permissions associated with user accounts or groups, or making sweeping changes that affect everyone, it’s all handled with the same simple mouse-click. No fiddling around in some arcane backend filled with indecipherable code–Teamstack is 100% visual, and solidly geared towards making busy administrators less busy.

Simply add a user to a group, and watch as the magic of automation instantaneously applies all relevant provisioning. The opposite is also true, you can deprovision users or even entire groups as needed without having to worry about about rogue sign-ins. It all happens instantaneously as well–no need to wait for IT or HR to get around to it.

With Teamstack, onboarding and offboarding have never been so efficient. Imagine streamlining the process down to a measure of milliseconds–what might you accomplish with all that freed-up time?

3. Single Sign-On (SSO)

Gone are the days when dozens of employees must keep track of hundreds of different passwords. With Teamstack, you can connect a single user account to over 500 apps with just one password in an instant. Or even better, you can create a group associated with a suite of apps, the rotate individual accounts into or out of those groups as needed. This removes a ton manual labor while mitigating human error, and thus reduces the risk of sensitive credentials falling into the wrong hands.

SSO isn’t just a boon to cautious administrators, either. End-users have a single unifying portal in Teamstack’s handy browser extension, through which they have ready access to every app needed to complete the task at hand. No more emailing IT to reset forgotten passwords. Truly, Teamstack’s Single Sign-On is your passport to productivity.

4. Multi-Factor Authentication

Some projects entail more sensitive data than others. Too much security across the board will cost you in productivity, while inadequate authentication may cost you even more dearly.

With Teamstack, you have the power to tailor the perfect multi-factor authentication method or methods to suit the application. Individual users and/or groups may need to satisfy any or all of the following to gain access:

  • WebAuthn (FIDO2)
  • TOTP
  • SMS codes
  • Answer security questions
  • Recovery codes

In addition to the MFA methods above, you can further restrict access on the basis of IP address, biometrics, geo-location, and more.

Enterprise-grade security, simplified

Whenever there is a failed login attempt in any context, you’ll know about it. Teamstack is committed to protecting your company with comprehensive incident reporting and audit trails.

5. SAML Applications

What’s better than having a single password for app access? No passwords, which is precisely what Teamstack’s SAML integration allows. Not every app supports this feature, but there are some giants like G Suite, Dropbox, GitHub, Salesforce, Zoom and more.

Once again, access to supported SAML applications are easily configurable with one-click provisioning. Because you completely control who does and doesn’t have app privileges, you can avoid potential security breaches by end-users choosing insecure, weak passwords. Your IT department will be thankful, as well.

6. Form-Based Applications

Teamstack’s browser extension is truly robust, and is able to extend single sign-on functionality even to form-based applications. The experience for the end-user remains the same: simply input credentials, then Teamstack enables seamless access to all assigned applications, form-based or otherwise.

What’s more, Teamstack allows administrators to completely remove the ability for users in a group to view login credentials, drastically reducing the risk of nefarious actors stealing sensitive information. Of course, this can be customized to allow nuanced access to specific group members, as well.

Finally, if you’d rather remove the option for team members to create passwords of dubious security, you can simply generate anonymous credentials for them.

Getting started with Teamstack

Teamstack has an incredibly intuitive interface that virtually anyone can understand at a glance. Even so, we’ll take a few minutes to walk you through initial setup.

Adding and configuring apps

After signing up for Teamstack, you’ll gain access to your dashboard. Your first order of business should be adding an application to your Teamstack organization. Simply click “Applications” > “Add Application” in the top-right corner. This will bring up a page positively bustling with available applications. (At the time of writing, there are 571 apps, though you can expect that number to be even bigger in the future).

From here, you can narrow the results by category in the left-hand column, or simply navigate alphabetically in the main window. Once you’ve made your selection, you’ll see an array of options to configure the app’s nickname, how access will be handled by type (SAML, Provisioning, Form Based Auth) as available, and finally two fields to enter either Admin or user credentials.

Note: Even if you’re not sure which of the three types you’ll choose, go ahead and enter the credentials to add the app–you can always edit it later. (By default, the app is now “active”, though you can also deactivate it later, too.)

Managing users and groups

Next, you’ll need to associate users with your chosen app. Once again, navigate to “Applications”, then select your app. From there, click “Users” > “Assign” to choose a user from the resultant dropdown menu. Voila! It really is that easy.

Alternatively, you can invite users via email or import bulk data from a CSV file. Both options are conveniently nested under the aptly named “Users” menu option.

Note: There are three user roles you can define: Admins, Managers, and Users. Managers have all the privileges of Admins, except they can’t manage organizations. Users are always beholden to the rules the previous two roles set.

The process is similar for associating entire groups with applications. Go “Applications” > “Groups” > “Add Group”. From there, you’ll see several text fields where you can specify your group’s nickname, a description, plus any miscellaneous notes. If you’re associating this group with an app with Form Based Authentication, this is where you can designate whether users are allowed to see sensitive credentials or not.

Note: By default, all new users, managers, and admins join the “Everybody” group. Like any other group, you can manage which apps are associated with it, and how.

Associating users, groups, and apps

Once you’ve created your group(s), you’ll need to add users. At this point, you may not be entirely surprised to learn that this is yet another simple, visually self-guided process. Go “Groups” > select your group > “Users” > “Add” > select all who apply.

Note: If you ever want to delete a user or group, simply return to the dropdown menu where you previously added these items, click the checkbox next to your query, then hit “Un-Assign” or “Remove”, respectively. Alternatively, you can choose to “Suspend” users to prevent them from logging into your Teamstack organization without deleting their user profile.

Finally, it’s time to assign an application to your newly populated group. Simply click “Groups” then hit “Applications” under your desired group name, then “Assign”.

If that seemed easy, it’s because it is. Teamstack has taken out all the guesswork, so you can focus your precious mental bandwidth on more pressing and productive tasks.

Advanced security settings

With your users, groups, and apps getting to know one another, now it’s time to get into the good stuff. While we won’t provide an exhaustive guide, we’ll hit on some key points.

First, you’ll want to learn as much as you can about Teamstack’s MFA methods. For an exhaustive explanation, check out their handy collection of articles on Security. Otherwise, simply keep in mind that Admins can set MFA for individual users and across entire organizations.

Similarly, you can toggle various security policies on or off for users and applications, though the latter requires an add-on to your Teamstack subscription to use.

Finally, if you have any trouble integrating your SAML applications, check out their page of app-specific guides.

About the browser extension

We’ve already covered most of what you need to know about Teamstack’s browser extension, but we’ll summarize it here for easy reference. First, you’ll want to ensure your users have compatible browsers installed. These include:

  • Chrome 57+
  • Firefox 64+
  • Edge 80+
  • Opera 50+
  • Brave 1.3+
  • Yandex 20+

Note: Internet Explorer and Safari are not, at the time of writing, supported by Teamstack.

Essentially, once users log into the browser extension, they’ll navigate to their own Teamstack dashboard. Here under “My Applications”, they’ll see all the apps you’ve associated with their user account and/or group(s). Clicking on the logo of any of these apps will allow ready access according to the credentials, provisions, policies, MFA methods or SAML-powered passwordless entry you’ve assigned.

Just like the rest of Teamstack’s offering, the dashboard is simple, secure, uncluttered, and just works.

Pricing

Teamstack is available in four tiers.

Free Plan

The Free Plan is exactly that–completely free, so long as your organization has 5 or fewer users. You get integration with one SAML app, 4 FBA apps, plus basic MFA. Even if you’re unsure whether Teamstack is right for you, we recommend you give it a shot because there’s absolutely no obligation–they don’t even collect your payment information “just in case” like so many other SaaS products.

You won’t get too much in the way of advanced customer support, but we doubt you’ll need it at this tier (especially considering the extensive collection of guidance articles freely available on the Teamstack website).

Basic

Moving up a tier, you have the Basic package priced at $3 per user, per month. Your Teamstack organization can accommodate up to 25 users, 5 SAML apps, 50 FBA apps, SSO, and full functionality on both desktop and mobile devices. You’ll also get personalized customer support when you need it

Professional

At $4 per user per month, the Professional tier is for companies in need of some serious horsepower. You get 200 users, 20 SAML apps, 100 FBA apps, SSO, desktop and mobile support, plus priority support. Not too shabby for just an extra dollar per unit.

Add-ons

With both the Basic and Professional tiers, you have the option to include the following add-ons, each at an additional $2/user/month:

  • Custom MFA
  • Extended Audit Trail
  • Security Policies

Enterprise

Finally, we arrive at the Enterprise tier, where customization is king, and limitations on apps and users go right out the window. Instead of specific pricing, you work closely with Teamstack support to define your needs and craft custom security policies, codifying it all into an SLA.

Conclusion

Teamstack is something of a unicorn, as far as cloud-based identity management solutions for startups, SMBs, and enterprises go. With robust, flexible, and secure functionality, a streamlined back- and front-end interface and competitive pricing, we wholeheartedly give Teamstack our recommendation.

In short, Teamstack takes what is complicated, and makes it simple. Your business stands to benefit from increased productivity, reduced human error, and greatly improved security. Don’t sleep on Teamstack!

Do you use SAML, FMA, or form-based apps in your organization? How do you see Teamstack making your business run smoother? Got any questions about the service? Leave us a comment below.

About excitingtips

Check Also

How to blur the background in Google Meet

Google has three online meeting tools; Duo, Hangouts, and Meet. With the on-going pandemic and …

Leave a Reply

Your email address will not be published. Required fields are marked *