As organizations grapple with ever increasing challenges around
Traditional Multi Factor authentication is now recognized as a minimum requirement in protecting an organization. Inevitably, as measures are put in place, attackers will adapt and security breaches will become more sophisticated. It is therefore logical that Multi Factor Authentication should adapt as well.
The next generation of Multi Factor Authentication or Context Based Authentication encompasses intelligence and context. The result is multi factor authentication combined with live attack intelligence data captured in real time from the Internet.
We need to be very clear here. This is proactive intelligence, happening right now. This is not the traditional forensic approach to intelligence of the internal capture and monitoring of data to react to anomalies after they occur.
While that traditional Big Data approach has its place, as far as securing authentication and an organization’s border is concerned, it very simply is not sufficient. Organizations need to be proactive not reactive.
An organization should not be looking for authentication breaches or suspicious activity by solely focusing on internal reactive data. Their authentication solution should take care of this, removing the burden and overhead of attempting to identify malicious intent or inappropriate access attempts.
Being Proactive Shows Intelligence
The key is utilizing threat intelligence information during the authentication process to make decision making a proactive and pre-authentication event. Wherever decisions are reactive, organizations are tracking activity after an event, it’s too late. The data has been stolen, the breach has occurred. Bad actors are in and they’re now blending in with your users.
This is why intelligence built into the authentication process becomes so important and vital. Intelligence allows an organization to identify potential bad actors at the source, using live threat intelligence data, consumed in the authentication process in real time.
What an advantage to be able to detect if a device had been compromised, before authentication occurs and before the device is on an organization’s network. Removing the threat of an attacker gaining a foothold and moving laterally.
Author: James Romer, Director of Technical Services, EMEA