Take Your Security to the Next Level with Context-Based Authentication

Six billion: that’s the number of records stolen in the first nine months of 2019, a figure that led research firm Risk Based Security to name 2019 the worst year on record for data breaches. Worldwide, these breaches are also becoming more and more expensive, costing impacted organisations an average of $3.92 million, per estimates from the Ponemon Institute.

As data breaches increase in size and severity, businesses need to do more to keep pace with sophisticated bad actors and improve their security. A secret weapon that should exist in any organisation’s arsenal is context-based authentication, which helps to minimise and reduce exposure to potential risks.

What is context-based authentication?

In the simplest terms, context-based authentication adds flexibility to multi-factor authentication (MFA). It builds risk assessment capabilities into access decisions by analysing users’ behaviour and context, such as which device or network they’re logging in from. If used successfully, it helps better protect your resources and enhances employee login experiences—finding that crucial balance between security and usability that most organisations strive for.

Level up your security

Taking security to the next level with context-based authentication delivers three key benefits:

  • Secure authentication for employees, partners, and customers that need access to various apps, systems, and devices—regardless of their location
  • Simple deployment and maintenance for admins without impacting end-user productivity
  • Intelligent security policies that limit identity challenges based on login context

These three factors allow organisations to better protect their data without hindering their workforce. To reach this goal, context-based authentication does two things: 

Establish a baseline

By establishing a behavioural baseline, adaptive authentication makes it easier to understand what ‘normal’ looks like for each user. This includes insight into where, when, and from what device a user usually logs into certain servers or applications.

Respond to behavioural anomalies

With a baseline established, context-based authentication works in the background to assess all logins against that baseline—scanning for any potential anomalies. For example, access requests detected from unusual geographic locations, suspicious VPNs, or at a time when the user is usually inactive can be identified as high-risk requests that prompt for additional verification factors. As such, context-aware authentication processes enable businesses to prevent hackers from taking over user accounts and potentially compromising the organisation as a whole.

Making the best of adaptive authentication

There are a number of benefits to implementing context-based authentication. However, if implemented poorly, adaptive MFA can compromise user experience or leave fatal gaps in an organisation’s security defences. To avoid that, companies should consider these approaches to implementing context-based authentication policies.

Think creatively

The best context-based authentication processes assess multiple layers and signals while still being unobtrusive. While assessing locations, networks, and device signals makes it more difficult for an attacker to circumvent MFA, employing a hyper-sensitive solution might trigger too many MFA requests and hinder user experience. 

Go passwordless

Passwords are already a headache for most employees—not to mention your security team. By removing passwords from your list of factors, you can simplify how users interact with your context-based authentication system, relying on biometric factors or push notifications instead. The added bonus? Eliminating passwords also reduces the risk of credential attacks within your organisation.

As large-scale data breaches continue to be the norm, it’s imperative that businesses level-up their security. To reduce their risk exposure, they should consider protecting user identity by deploying context-based authentication policies across the organisation’s resources. 

Interested in learning more?

Okta’s Adaptive Multi-factor Authentication analyses all of your login requests.