What is Adaptive Authentication? Adaptive Authentication Explained and How It Changes Based on Risk
Every IT department has the same goal: protect data from attackers and unauthorized users but make it available to authorized employees on any device and from anywhere. The Problem: Simple passwords and elementary data protection methods are easily worked around.
Multi-Factor Authentication, one-time-passwords, and biometrics can improve security, but may not be as user friendly and convenient as the employee would like. Adaptive Authentication evaluates each access request and only steps-up the authentication when it deems a logon as a risk.
Adaptive Authentication takes a group of variables and develops a risk score, based on rules set by the security team. Each request is evaluated and put through a series of checks until they are either granted or denied access.
Among many, some techniques for risk scoring include:
- Device Registration and Fingerprinting – Has this device been used before? And if not, force a device registration process.
- IP Reputation – Is the IP address requesting access associated with a known botnet, tor network, or foreign government?
- Identity Store Lookup – What level of authorization is the account normally allowed? Is this an admin account?
- Geo-Location & Geo-Velocity – Is the user logging in from a known previous location such as an office network, and if not, could the user have traveled to the new location at a reasonable speed?
- Behavioral Analysis – Is the user logging in outside of business hours, and if so, is this unusual?
Adaptive Authentication can be tailored to each organization’s needs, the employees’ tolerance, and to regulatory requirements. This will allow low risk users to easily logon to their corporate applications in a matter of seconds without even knowing they are being given a weighted risk score. On the other hand, if an attacker gets a hold of compromised credentials, it gives the security team a chance at stopping or slowing down the attacker because they will have a higher risk score which will trigger a second factor check.
Risk-Based Adaptive Authentication adds an additional layer of security to protect your critical data and resources. Click here to request a demo and explore the benefits of the new adaptive authentication!