July 15, 2019

Continuous Authentication = Continuous Protection

There was a point in time when IT security mimicked the concepts of security for medieval castles. Specifically, it took the guns, gates and guards at the perimeter, which kept the bad guys from getting in, and turned them into their digital equivalent: identity authentication that allows only the good guys to access your precious IT resources. This binary approach to IT security is unfortunately one of the primary reasons cyber criminals are so successful. The good news is that new continuous authentication solutions create continuous protection.

The Role Of Authentication In IT Security

It is common knowledge that authentication is one of the pillars of every IT security strategy. Ultimately, the only way to access any digital resource, from hardware to infrastructure to applications to the cloud, is to log in to that resource. In other words, you authenticate to that resource so that it will allow you entry (authorization) for use of that resource.

 

SearchSecurity describes the role of authentication in the Identity Access Management stack of IT security:

“During authentication, credentials provided by the user are compared to those on file in a database of authorized users' information either on the local operating system or through an authentication server. If the credentials match, and the authenticated entity is authorized to use the resource, the process is completed and the user is granted access. The permissions and folders returned define both the environment the user sees and the way he can interact with it, including hours of access and other rights such as the amount of resource storage space.

Traditionally, authentication was accomplished by the systems or resources being accessed; for example, a server would authenticate users using its own password system, implemented locally, using login IDs (user names) and passwords. Knowledge of the login credentials is assumed to guarantee that the user is authentic. Each user registers initially (or is registered by someone else, such as a systems administrator), using an assigned or self-declared password. On each subsequent use, the user must know and use the previously declared password.”

All authentication started out with the premise that once authenticated the user is “safe” to do as they please. There are two fundamental flaws with this binary approach:

  1. If someone gains access to legitimate credentials (i.e. steals them or buys them on the Dark Web), then they now have legitimate access to do illegal or damaging activities.
  2. If a legitimate person correctly authenticates with a resource and then walks away from that resource, it is left vulnerable for someone else to hijack that session to do illegal or damaging activities.

This understanding of the fundamental flaw in binary authentication was the genesis for continuous authentication technologies.

The Value Of Continuous

Continuous authentication is exactly what it sounds like. Instead of just authenticating a user at the start of a session, the technology constantly monitors the activities of the user during the session to determine if that user is still in fact who they are supposed to be. The challenge at this point becomes how a technology can differentiate between a validated user and someone who comes along to use a previously validated credential.
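To make the idea concrete, here is an added example (not Acceptto's code and not part of the original post) of a session that is re-scored on every event, so that both flaws listed earlier, a credential used from somewhere else and a session picked up after its owner walked away, raise the risk after login. The signals, weights, thresholds and sample events are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass

# Hypothetical thresholds and weights, chosen for this illustration only.
IDLE_LIMIT_S = 300                 # silence this long may mean the user walked away
STEP_UP_AT, REVOKE_AT = 40, 70

@dataclass
class Event:
    ts: int                        # seconds since login
    device_id: str
    ip_prefix: str
    keys_per_min: float            # one simple behavioural signal

class Session:
    """Re-scores the session on every event instead of trusting the login forever."""

    def __init__(self, login: Event, typical_kpm: float):
        self.last, self.typical_kpm = login, typical_kpm

    def score(self, ev: Event) -> int:
        risk = 0
        if ev.device_id != self.last.device_id:
            risk += 50             # credential or token used from another device
        if ev.ip_prefix != self.last.ip_prefix:
            risk += 25             # network changed mid-session
        if ev.ts - self.last.ts > IDLE_LIMIT_S:
            risk += 30             # activity resumes after a long silence
        if abs(ev.keys_per_min - self.typical_kpm) > 0.5 * self.typical_kpm:
            risk += 20             # typing rate far from this user's profile
        return min(risk, 100)

    def observe(self, ev: Event) -> str:
        risk = self.score(ev)
        if risk >= REVOKE_AT:
            return "revoke"
        if risk >= STEP_UP_AT:
            return "step_up"       # re-authenticate; baseline is not updated
        self.last = ev             # low risk: this event becomes the baseline
        return "allow"

def replay(login: Event, typical_kpm: float, events) -> list:
    session = Session(login, typical_kpm)
    return [session.observe(e) for e in events]

# Constructed sample data (documentation IP ranges, made-up device names).
LOGIN = Event(0, "laptop-A", "203.0.113", 180)
EVENTS = [
    Event(60, "laptop-A", "203.0.113", 170),    # owner still typing
    Event(900, "laptop-A", "203.0.113", 60),    # someone else at the idle desk
    Event(960, "phone-Z", "198.51.100", 175),   # same session, different device
]
print(replay(LOGIN, 180, EVENTS))
```

A binary login check would have allowed all three events, since each one carries the same valid session.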

For background on the latest technologies to handle this challenge, check out our blog titled “5 Stages Of Machine Learning For Identity Authentication”. This will form the basis for your understanding that combining the concept of continuous authentication with the latest in AIML-based cognitive authentication techniques delivers a truly unique approach to continuous protection.

Cognitive Continuous Authentication

Acceptto was the first to understand, develop and deliver continuous authentication. Our company was built on the foundation of ensuring that digital credentials are being used only by the person whom those credentials represent, and not by some imposter or someone hijacking a device correctly authenticated by that person.

Acceptto’s eGuardian engine continuously creates and monitors user behavior profiles based on the user's interaction with the It’sMe authenticator. Every time an activity occurs, actionable intelligence is gathered and used to optimize the user profile. eGuardian is capable of autonomously and continually learning new policies and adapting existing ones. While policies can still be manually defined and contribute to the computation, our Biobehavioral AIML approach automatically finds the optimal policy for each transaction. eGuardian leverages a mixture of AI & ML, expert systems and SMEs to classify, detect, and model behavior, and assign real-time risk scores to continuously validate your identity prior to, during and post-authentication.

Download Intellyx’s whitepaper titled “App Authentication Evolves in a World of Compromised Credentials” today, and then check out what Acceptto can do to ensure your employees, partners and customers can authenticate without passwords and still ensure security and privacy by registering for a free demo today.

 
