Be Progressive: Add Risk-Based Authentication

Progressive Authentication

In the past few weeks we’ve seen a rush of companies adding two-factor authentication to protect their data and systems. Coming on the heels of so many recent hacks and data breaches, it’s a good move for business.

When you are ready to add more security, how do you decide what is best? Forrester’s Andras Cser says, “Forrester sees more and more IT security professionals moving away from hardware-based 2FA authentication tokens toward risk-based authentication (not only for customer access but also for enterprise user access) and to easier-to-manage software-based tokens.”

A risk based system allows security to be applied across the board, but not at the same level for every user, every time. A user logging in from a secure corporate location usually presents less risk than one coming in from the out-of-town internet café. A user adding information to an online form presents one set of risks, but someone trying to access PII presents a higher level of risk.

Progressive authentication is our term for using an integrated set of tools for situation-based authentication of users seeking access to enterprise networks, data, and applications. Progressive authentication is a powerful way to solve the problems Forrester recognizes as inherent in traditional authentication measures:

  • Fragmented, haphazard approaches to identity authentication across multiple systems and multiple user groups
  • Exorbitant costs of traditional hard token and card-based authentication measures
  • Tardy, out-of-sync compliance efforts for multiple applications
  • Lack of resources to implement tighter security controls
  • Repeated breaches of supposedly iron-clad authentication approaches

If you’d like to speak to a specialist about the best ways to protect your proprietary information and PII, please contact us to learn more about progressive authentication.