Despite our best efforts, attackers will find a way around even the most sophisticated preventative methods. Once we’ve accepted that reality, what do we do? Adaptive authentication can save the day. Here’s an example of just a few ways you can implement these new techniques to drop a net on attackers:
• Inspect the IP address or range of addresses and compare to known black lists and IP reputation data (like Norse).
• Compare the login attempt to defined Group Memberships in your data stores. An attacker may be able to compromise credentials or even create one of their own, but did they get the group memberships right, this one step can help you catch some pretty sophisticated hackers.
• Evaluate geo-location and geo-velocity. Is that user logging in from a reasonable location? Is the time and distance between logins reasonable or the product of an improbable travel event?
• Compare the fingerprint of the device requesting access to the last known access by the user. Do they match?
The beauty of adaptive authentication is that when used in layers, each of these attributes begins to build a wall or a net that attackers will struggle to get past. The context of the user / device / IP / application result in a risk profile that is used to provide a dynamic, secure and user friendly intelligent authentication experience. Based on that profile the user can be blocked, redirected of simply sent additional factors of authentication. This allows the good guys in while stopping the bad guys!
And let’s not forget that the experience for the end user needs to be seamless and easy to use and for the organization it needs to be flexible and above all, secure. Achieving these needs both for the user and the organization requires intelligent, risk based authentication.
Interested in finding out more?
Author: James Romer, Director of Technical Services, EMEA