Use Behavior and Context to Secure Access

The traditional perimeter which protected IT assets on the corporate network has become irrelevant. The proliferation of cloud-based services, such as email and online file sharing, used to augment conventional in-house IT systems, and the rise of mobility, where your employees, partners and even customers require remote access from anywhere, have effectively moved the perimeter from the firewall to the device. Identity is now the new perimeter, as securing access to your systems requires definitively authenticating every login, on every device, for every user and every application - every time.

With identity playing such a vital role in modern system security, it stands to reason that attackers have shifted their focus from searching for vulnerabilities in infrastructure. Targeting individuals offers a much greater reward for a lot less effort when login credentials can be compromised, and full system access gained.

Securing access to your services and applications, whether they are hosted on-premise or in the cloud, is vital in today’s information economy where ubiquitous access is a critical requirement for twenty-first century commerce. However, an identity-centric approach to security is needed - one that takes user behaviour and context into account.

The modern workplace is at risk

Sophisticated techniques such as spear phishing, password spraying, and man-in-the-middle attacks target poor password hygiene to capture user passwords and gain unauthorised access to the treasure trove of data these services store.

Hackers, hacktivist collectives, cybercriminal organisations, disgruntled former employees, and even nation states target online services seeking to extract data and compromise their security. This persistent risk has led to a surge in innovation, culminating in the creation of advanced, sophisticated tools and processes to augment the traditional username and password. Multi-Factor Authentication (MFA) has been proven to be an efficient countermeasure that effectively mitigates this risk. Requiring a user to prove identity by providing something they have, such as a security token, or something they are, such as a biometric trait, adds a needed layer of security. However, MFA is not infallible. To ensure an even greater level of security, MFA needs to be augmented with an underlying set of processes and policies.

Adaptive authentication through context and behaviour

Organisations clearly need new solutions to secure access. MFA is a step in the right direction, adding additional identity verification requirements to help protect both the individual and the enterprise. But adaptive multi-factor authentication (AMFA) takes this even further by considering the user context and behaviour behind each authentication request.

By adding a contextual layer to an identity and access management solution, the authentication service can either grant or deny access based not only on a correct credential combination, but on a range of factors that determine the risk rating assigned to the request.

For example, let's use location as a context measure. If a user initiates an authentication request from an unknown, new or unusual location, the risk rating for that request will be higher than if the user had requested access from a known location such as their home or office. In these instances, the user would be prompted to enter an additional authentication factor such as a One-Time Password (OTP), or else would be denied access if the risk was deemed too great.

Contextual awareness is governed by the specific policies that oversee the authentication process. At Okta, policies are based on context types such as device, location, network, and client (the browser or application requesting access). Whenever an authentication request is made, Okta measures the risk based on the contexts outlined in your organisation’s policy. Changes in login patterns, geolocation, and other factors may affect the risk rating of a given request, and will determine whether the user will be granted access, denied access, or challenged to submit an additional authentication factor.

Secure access can be strengthened further by adding behavioural detection to contextual awareness. These additional measures track unusual activity when a user requests access from an anomalous location, IP, or device. Okta’s contextual awareness technology is able to help reduce login friction by tracking users’ authentication patterns and habits. By learning the device, location, time, and frequency of login requests from a given user, AMFA can help determine whether a request should have a low-risk or high-risk score, streamlining the process for verified users while helping to prevent breaches and attacks. This real-time security measure adds another layer of scrutiny to the predefined context policies.
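
The grant, challenge or deny decision described above can be sketched as a small policy evaluator. This is an added example, not Okta's code or API: the weights, thresholds, the UserProfile class, the blocked_networks parameter and the sample context are all assumptions made for illustration.

```python
from collections import Counter
from dataclasses import dataclass, field

# Assumed weights per context type and thresholds; illustrative, not Okta's values.
WEIGHTS = {"device": 30, "location": 30, "network": 25, "client": 15}
CHALLENGE_AT, DENY_AT = 30, 70
MIN_SEEN = 2  # verified logins needed before a value counts as familiar

# Constructed sample context: the user's usual office login.
OFFICE = {"device": "laptop-01", "location": "London",
          "network": "198.51.100.0/24", "client": "Chrome"}

@dataclass
class UserProfile:
    """Behavioural baseline: context values seen on verified logins."""
    seen: dict = field(default_factory=lambda: {k: Counter() for k in WEIGHTS})

    def learn(self, ctx):
        for key in WEIGHTS:
            self.seen[key][ctx[key]] += 1

def risk_score(profile, ctx):
    """Add the weight of each context type whose value is unfamiliar."""
    return sum(w for k, w in WEIGHTS.items() if profile.seen[k][ctx[k]] < MIN_SEEN)

def decide(profile, ctx, blocked_networks=frozenset()):
    """Map the risk rating to ALLOW, CHALLENGE (extra factor) or DENY."""
    if ctx["network"] in blocked_networks:
        return "DENY"
    score = risk_score(profile, ctx)
    if score >= DENY_AT:
        return "DENY"
    return "CHALLENGE" if score >= CHALLENGE_AT else "ALLOW"

def authenticate(profile, ctx, password_ok, otp_ok=False, blocked_networks=frozenset()):
    """A correct password is required but does not grant access by itself."""
    if not password_ok:
        return "DENY"
    verdict = decide(profile, ctx, blocked_networks)
    if verdict == "CHALLENGE":
        verdict = "ALLOW" if otp_ok else "DENY"
    if verdict == "ALLOW":
        profile.learn(ctx)  # only verified logins update the baseline
    return verdict
```

Because the baseline is updated only after a verified login, a failed challenge from a new location does not make that location look familiar on the next attempt.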

Okta’s Adaptive Multi-Factor Authentication solution

Okta’s Adaptive MFA solution dynamically modifies security and authentication policies based on user and device context. This helps IT teams to detect anomalies in user behaviour and determine whether or not access requests are coming from trusted devices.

Through its implementation of adaptive authentication, Okta AMFA gives you enhanced secure access features such as compromised password protection, dynamic IP blacklisting, proxy detection, protection against brute-force and denial-of-service attacks, device trust, and anomaly detection.

Deploying Okta’s AMFA solution to protect your online services is a positive step forward in enhancing the security of your systems and protecting your data.
