Security and efficiency are constant concerns in enterprise IT. The popularity of BYOD has been a boon for improved productivity and collaboration, but it has also created a new set of challenges, increasing the potential for fraudulent logins from the personal devices that are being used to access critical and non-critical applications.
The level of risk that currently exists in many enterprises is simply not sustainable, since a single security breach can have serious consequences for both brand reputation and the company’s bottom line. To mitigate risk, many enterprises are turning to context-based authentication—a strategy that establishes trust for individual account logins without sacrificing consumer identities or workforce efficiency.
The implementation of context-based authentication can’t wait—a combination of increasing BYOD usage and sophisticated BYOD-based attacks has created a sense of urgency around enhanced security strategies. Like it or not, the time to implement context-based authentication is now, before your organization suffers a serious security breach.
The problem with BYOD
When BYOD arrived on the scene, it was enthusiastically embraced by enterprise IT. Instead of spending capital on company-owned devices, forward-thinking IT organizations enabled workers to access specified applications by using personal smartphones and tablet devices. More importantly, BYOD gave employees remote access to critical applications, improving the productivity and efficiency of the workforce.
As BYOD has evolved, employees who use personal devices to access critical applications look and feel like consumers on business websites. This consumerization of IT has created serious security threats, since remote workforce logins are susceptible to many of the same fraud tactics that target consumer-based applications.
The risks associated with BYOD are even more troubling for enterprises that require access for contractors, consultants or partners. Facilitating secure BYOD access for your own workforce is difficult enough, but now many enterprises must provide access to third parties.
To reduce risk, most organizations have implemented traditional access security controls like password verifications—measures that are being phased out because they are archaic and are no longer effective in protecting enterprises from security attacks.
Enterprises must do more to secure applications from unauthorized access, but security isn’t the only factor that needs to be considered. Although the cost of a security breach can be astronomical, managing the cost of enhanced security solutions is also a high priority, especially for IT organizations that are already being asked to do more with significantly fewer dollars.
Likewise, security protocols cannot be so cumbersome that they limit workforce efficiency. In many cases, authentication techniques are so time-consuming that they deter workers from adhering to company policy and motivate them to find workarounds that bypass security altogether.
So, across nearly all industries, enterprise IT faces the difficult task of balancing several conflicting priorities. Enterprises clearly need flexible and robust security technology to prevent account takeovers and other threats. But at the same time, security solutions must be cost-effective and minimize opportunities for the type of friction that reduces workforce efficiency.
Mitigating risk with context-based authentication
Gartner forecasts that by 2016, more than 30 percent of enterprise organizations will leverage context-based authentication to facilitate access for remote workforces. Why? Because context-based authentication gives enterprises stricter control over employees’ devices with a comprehensive process designed to establish trust with devices that access critical enterprise applications.
Unlike traditional security solutions, context-based authentication uses multiple factors to establish trust, preventing account takeovers without impacting user convenience or workforce efficiency. Key factors considered during the user screening process include:
- User identities and behaviors: User names, passwords, email addresses, associated devices and other dynamic details about the online behaviors and identities of individuals attempting to access applications.
- Device profiles: The identification of anomalies and malware threats linked to the smartphones, tablets, desktops and laptops that are being used for account logins.
- Geolocation: Real-time assessment of threat levels based on the country or region from which the login attempt originates.
- Custom business rules and policies: Enterprise-specific rules and policies designed to limit BYOD access and create a more secure IT environment.
The use of multiple factors in context-based authentication significantly improves application security because it counters the tactics fraudsters commonly rely on to obtain user credentials, such as malware, phishing, shared passwords and other techniques that target simplistic username-and-password solutions.
Tips for implementing context-based authentication technology
BYOD isn’t going away anytime soon. In fact, it’s likely that BYOD usage will increase as enterprises rely more heavily on third-party contractors and employees push for additional remote work opportunities.
Unfortunately, past IT security investments may not adequately protect the enterprise from BYOD-based threats. More than ever before, enterprises need to evaluate their current security protocols and solutions, and gauge their ability to securely provide access to users logging in from personal devices.
For many enterprises, the quest for improved application security will culminate with the implementation of context-based authentication technology. With that in mind, there are several features and benefits to look for when selecting a context-based authentication solution:
1. Single sign-on
User convenience is a critical concern when selecting IT security solutions. Single sign-on systems are designed to give authorized users secure, frictionless access to critical applications from a single login point.
Context-based authentication enables this level of convenience by employing a combination of device analytics, identity analytics, behavior analytics and login context to evaluate whether the login attempt originates from an authentic BYOD user.
2. Access for remote workforces
Enterprises that require application access for third-party contractors need to ensure that their security technology delivers seamless remote workforce access capable of protecting systems and data from unauthorized access.
Additionally, it’s important to focus on technologies that allow for the creation of customized business rules and policies for remote workers. In many cases, the customization of business rules serves as the first line of defense against unauthorized access, especially for large and/or diverse workforces.
3. Frictionless two-factor authentication
To maintain the efficiency of your workforce as well as the integrity of your system, login access needs to be both secure and effortless. When users are required to perform multiple steps to log in to applications, productivity suffers and users are incentivized to find ways to bypass security protocols.
The best context-based authentication solutions offer frictionless, multi-factor authentication that passively assesses the trustworthiness of attempted logins—streamlining access for known users who access applications from a trusted combination of accounts and devices.
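An added example (not part of the original article and not any vendor's product) showing how the four factors listed earlier and the passive assessment described above could combine into one login decision, with a second factor requested only when the context is doubtful. The user names, device IDs, country code, score weights and thresholds are all assumptions chosen for illustration.

```python
from dataclasses import dataclass

# Constructed sample data; every name, code and threshold below is an assumption.
TRUSTED_PAIRS = {("alice", "dev-a1"), ("bob", "dev-b7")}  # known account+device pairs
HIGH_RISK_COUNTRIES = {"XX"}                              # placeholder country code
CONTRACTOR_APPS = {"timesheets", "wiki"}                  # custom rule for third parties

@dataclass
class LoginContext:
    user: str
    role: str              # "employee" or "contractor"
    device_id: str
    device_flags: set      # device-profile anomalies, e.g. {"rooted", "malware"}
    country: str           # where this attempt originates
    usual_countries: set   # where this user normally logs in from
    app: str

def evaluate(ctx):
    """Return (decision, reasons); decision is 'allow', 'step_up' or 'deny'."""
    # Custom business rules and malware findings are hard gates, not score inputs.
    if ctx.role == "contractor" and ctx.app not in CONTRACTOR_APPS:
        return "deny", ["policy: app not permitted for contractors"]
    if "malware" in ctx.device_flags:
        return "deny", ["device: malware indicator"]
    score, reasons = 0, []
    if (ctx.user, ctx.device_id) not in TRUSTED_PAIRS:
        score += 40
        reasons.append("identity: unrecognised account/device pair")
    if ctx.device_flags:
        score += 30
        reasons.append("device: " + ",".join(sorted(ctx.device_flags)))
    if ctx.country in HIGH_RISK_COUNTRIES:
        score += 40
        reasons.append("geo: high-risk country")
    elif ctx.country not in ctx.usual_countries:
        score += 20
        reasons.append("geo: unusual country for this user")
    if score >= 70:
        return "deny", reasons
    if score >= 30:
        return "step_up", reasons  # challenge with a second factor only when in doubt
    return "allow", reasons        # passive, frictionless path for trusted context
```

Returning the reasons alongside the decision lets each outcome be logged and audited, which matters when tuning weights against real login data.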
4. Shared global intelligence
Shared intelligence increases the value of context-based authentication technology by combining multi-factor authentication with a real-time network of data about known, global security threats.
Solutions that leverage a global federated identity network provide the most effective and cost-efficient way to implement security improvements that mitigate enterprise risk and reduce friction for end users.
Although context-based authentication technology won’t solve all of your organization’s IT security headaches, it’s a big step in the right direction for enterprises that rely on BYOD and remote workers for normal business routines. With new threats emerging every day, the implementation of a robust context-based authentication solution is more than a logical next step—it’s a prerequisite for enterprises that demand agile and reliable access to critical applications.