December 30, 2019

Identity Access Management Strategy For 2020

As we turn the page of another decade and look to 2020 with new eyes, every Chief Information Security Officer (CISO) should take this time to consider their Identity Access Management strategy. Specifically, what are the characteristics of an effective IAM strategy that will take us into this new decade with more security and defenses against ever evolving cyber criminals?

Continuous Versus Binary Authentication

One of the most important strategic initiatives should be to implement a continuous authentication solution. Authentication solutions started out with the simple premise of keeping the bag guys out of secure perimeters (i.e. networks, applications, cloud services, etc). This binary (event-driven) approach assumed that once identified a valid credential that it couldn’t be used to do malicious things inside the perimeter. It turns out that this premise was pretty far from the actual truth. Thus, the requirement for continuous (process-driven) authentication was born.

According to TechTarget Search Security continuous authentication is defined as:

“A method of verification aimed at providing identity confirmation and cybersecurity protection on an ongoing basis. By constantly measuring the probability that individual users are who they claim to be, continuous authentication validates the user not just once but nonstop throughout an entire session. Focused on furnishing smart, secure identity verification without interrupting the workflow, continuous authentication is implemented using machine learning (ML) and a variety of factors including behavioral patterns and biometrics.”

The primary idea is that authentication takes place throughout the entire time a user is accessing a network or using an application instead of just upon startup. These technologies work transparently in the background, analyzing how users behave. Things like the way a user types on the keyboard, how quickly they move between the keys, how long they depress a key, and how they swipe on mobile devices, are tracked and used as part of the process instead of relying on a single event.

This analysis of user behaviors can deliver an extremely high likelihood that a particular user is the person they claim to be. Given that everyone acts in unique ways when working at a keyboard or other access device, this becomes a form of immutable identity authentication.

You should also check out what we’ve written on continuous authentication and what it can do for your business here. But just relying on a continuous solution is not enough. You should also combine continuous with a risk-based (i.e. process-driven) for a more complete solution.

Process Versus Event Driven; Where Zero Trust Meets CARTA

Almost as important as continuous authentication for your IAM strategy is the need to develop a more comprehensive approach to your processes. We have written previously on the vulnerabilities of passwords, and the need to develop and use alternative methodologies and technologies that avoid further password reuse and fatigue. Understanding that the best solution takes a process versus an event-driven approach, CISOs are now looking to risk-based authentication solutions. According to Wikipedia risk-based authentication is:

“a non-static authentication system which takes into account the profile of the agent requesting access to the system to determine the risk profile associated with that transaction. The risk profile is then used to determine the complexity of the challenge. Higher risk profiles lead to stronger challenges, whereas a static username/password may suffice for lower-risk profiles. Risk-based implementation allows the application to challenge the user for additional credentials only when the risk level is appropriate.”

Combining both a continuous and risk-based approach to authentication is best exemplified by continuous cognitive authentication solutions. You can also get more detail on where zero trust meets CARTA here.

Continuous Behavioral Authentication

Acceptto’s eGuardian engine continuously creates, and monitors user behavior profiles based on the user interaction with the It’sMe authenticator. Every time an activity occurs, actionable intelligence is gathered and used to optimize the user profile. eGuardian is capable of autonomously and continually learning new policies and adapting existing ones. While policies can still be manually defined and contribute to the computation, our Biobehavioral AIML approach automatically finds the optimal policy for each transaction. eGuardian leverages a mixture of AI & ML, expert systems and SMEs to classify, detect, and model behavior, and assign real-time risk scores to continuously validate your identity prior to, during and post-authentication.

Check out what Acceptto can do to ensure your employees, partners and customers can authenticate without passwords and still ensure security and privacy registering for a free demo today.

MFA identity Access Management continuous behavioral authentication