Be Progressive: Add Risk-Based Authentication
In the past few weeks we’ve seen a rush of companies adding two-factor authentication to protect their data and systems. Coming on the heels of so many recent hacks and data breaches, it’s a good move for business.
When you are ready to add more security, how do you decide what is best? Forrester’s Andras Cser says, “Forrester sees more and more IT security professionals moving away from hardware-based 2FA authentication tokens toward risk-based authentication (not only for customer access but also for enterprise user access) and to easier-to-manage software-based tokens.”
A risk based system allows security to be applied across the board, but not at the same level for every user, every time. A user logging in from a secure corporate location usually presents less risk than one coming in from the out-of-town internet café. A user adding information to an online form presents one set of risks, but someone trying to access PII presents a higher level of risk.
Progressive authentication is our term for using an integrated set of tools for situation-based authentication of users seeking access to enterprise networks, data, and applications. Progressive authentication is a powerful way to solve the problems Forrester recognizes as inherent in traditional authentication measures:
- Fragmented, haphazard approaches to identity authentication across multiple systems and multiple user groups
- Exorbitant costs of traditional hard token and card-based authentication measures
- Tardy, out-of-sync compliance efforts for multiple applications
- Lack of resources to implement tighter security controls
- Repeated breaches of supposedly iron-clad authentication approaches
If you’d like to speak to a specialist about the best ways to protect your proprietary information and PII, please contact us to learn more about progressive authentication.
Recommended For You
Hackers. They steal and sell data, especially at the point of sale and during customer acquisition periods. No customer wants […]
Fraudsters are a smart group. With each fraud prevention method that’s introduced, they figure out ways to work around it. […]
On February 9, 2016, the President implemented the Cybersecurity National Action Plan (CNAP) designed “to enhance cybersecurity awareness and protections, protect […]
This year has seen its share of data breaches and identity theft. A top concern in this gift-giving season are […]