In the relatively quick journey from don’t-even-think-about-bringing-your-own-device to please-absolutely-bring-your-own-device, identity management has experienced some dramatic transformations. And it’s still evolving now, as security policy continues to move away from limiting user options and toward expanding them.
Organizations haven’t taken long to come around to thinking that giving users more ways to access the resources they need is the best way to take care of business in the age of mobile and cloud. Who hasn’t figured out by now that trying to confine people to employer-issued devices and employer-approved applications is just plain counterproductive? It slows people down, makes them less efficient and ends up driving them to find ways around the rules anyway.
So instead of continuing to resist more openness, organizations find themselves looking for ways to embrace it. It’s a challenge, to be sure, because more openness by definition invites more risk. And on that quest to find the holy grail of delivering access that’s both convenient and secure, identity has a pivotal role to play.
Making the Move From Identity Management to Identity Assurance
For example, if you detect a user connecting to the network on the same approved device in the same manner they use every day, or signing into applications they rely on all the time, then that presents relatively little authentication risk. But what if there’s something different this time? Perhaps they’re trying to sign into an application for the first time, or they’re using a different device from a different location. How do you contain the potential risk without burdening the user?
We have a few thoughts on that: You can get identity assurance with contextual clues and anomaly detection, as in the example above; by using machine learning to help recognize behaviors that will provide assurance; and by having a rich ecosystem of data sources to provide as much information as possible to learn from. And if you do have to require step-up authentication in real time, having a broad range of flexible multi-factor authentication choices (e.g., mobile push notification, fingerprint scanner and eyeprint reader) will give the user freedom to choose the most convenient path.
Convenient, Secure Access Is the Whole Point of RSA SecurID® Access
That brings us to RSA SecurID® Access, the solution that achieves the elusive balance between convenience and security through identity assurance. RSA SecurID Access provides a range of authentication options to keep users happy and also keep the business secure. It allows for access policies that gauge risk from contextual clues and enable risk-based authentication decisions. With it, the security team has the control over access that’s needed to keep the organization safe, and business users have the freedom and flexibility to keep moving forward.
The post Delivering Convenient and Secure Access to the Modern Workforce appeared first on Speaking of Security – The RSA Blog.
|Update your feed preferences|