Business Continuity through Authentication Flexibility
The Federal Emergency Management Agency defines business continuity this way, “Continuity includes all activities conducted by jurisdictions to ensure that their essential functions can be performed. This includes plans and procedures that delineate essential functions, specify succession to office and emergency delegation of authority, provide for the safekeeping of vital records and databases, identify alternate operating strategies, provide for continuity communications, and validate these capabilities through test, training, and exercise (TT&E) programs.”
The Federal Government is currently facing the challenge of keeping essential functions running during the government shutdown – similar challenges exist when security is compromised.
When faced with a disruption in enterprise security, businesses need to ensure that data is protected and that system access is not compromised. Appropriate security policy will trigger varying authentication challenges based on risk analysis such as suspicious transactions, policy violations, or out-of-norm behavior. These security authentication parameters should be customized in real-time for users both inside and outside the organization, presenting authentication challenges based upon the latest threat assessment.
For example, security threat models mapped to the overarching identity access management strategy would challenges to users based on logins from a particular region or country, login frequency, changes in their ISP, machine characteristics, or other criteria.
To learn more about how to plan for and manage through potential business continuity disruptions, contact our specialists.
Recommended For You
As an HR professional, it’s your priority to protect employee data. You may not realize it, but responding to employment […]
The CERCA Spring Conference, held on May 16, capped a broadly successful 2018 filing season that saw tax identity theft reduced by […]
As fraudulent attempts increase during account openings and applicants grow less patient with invasive anti-fraud techniques, organizations must find a […]
There’s good news and bad news when it comes to fraud and the growth in technology. The bad news is […]