If you’ve been following the trends (or listening to the analysts) the next wave of security is centered on a concept called context-aware or adaptive security. It overcomes the static yes/no nature of traditional security with an approach that takes into account the context of an access request and adapts enforcement to perfectly suit the situation. The problem is most solutions of this type are expensive, extremely complex, and place the implementing organization on a long and difficult road before they can realize the benefits of such a solution.
But not all contextual security solutions are difficult, expensive, and complex.
One Identity's solution for context-aware security is called the Security Analytics Engine (SAE) and it is available, at no extra charge, in One Identity Cloud Access Manager (CAM). SAE acts as a risk scoreboard that returns a risk score based on a number of factors, CAM enforces access decisions based on the SAE risk score.
Here’s a diagram that shows the potential of SAE in combination with a number of different security solutions:
SAE can use contextual information from a number of sources including:
- Browser used – including historical analysis of browser use that falls outside of normal user behavior
- Geo-location pattern – detecting if an access activity originates from an abnormal location
- Specific geo-location – preventing access initiated from specific geographies know to foster malicious activity
- Time – detecting access activities that occur outside of normal user patterns
- Blacklist – a list of “forbidden” networks or network addresses, from publicly available lists or from SecureWorks
- Whitelist – a list of “approved” networks or network addresses
SAE is entirely configurable to weigh factors according to an individual organization’s needs, user populations, threats, practices, and infrastructure/application mix. CAM is configurable to enforce access controls based on the score returned by SAE including the ability to allow access, deny access, or even require step-up authentication (two-factor) prior to granting access – a concept called adaptive authentication.
Why don’t you try it out for yourself? You can always learn more by reading the white paper Context-aware Security – The Who, What, When, Where and Why of Access.