Global Sales Contact List

Contact   A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Risk-based authentication is one of the simplest security technologies to understand while at the same time being one of the most intelligent and adaptable. The concept of risk-based authentication is very similar to the risk decisions we make in our daily life – from how we drive our car to where we invest our money.

Think about your commute home tonight. You come upon a yellow light and there is a choice to make: do I take the risk of going through it or do I just stop and wait? There will likely be many factors that go into your decision such as the weather conditions, how busy the intersection is, your next destination, or if there are any police cars in sight. Your mind works within seconds to process all these factors simultaneously and instantly returns a risk decision.

Risk-based authentication works in the exact same way when looking at the risk of an identity. Traditional authentication methods – from username and password all the way to sophisticated one-time password tokens – make a decision based on a simple model of “Do I trust you?/Yes or No.” Risk-based authentication goes much further than that in making a risk decision. It looks at a variety of factors such as where the user is logging in from, the characteristics of the device, and certain behaviors like the time of day a user is requesting access. But in addition to just weighing risk based on these attributes, risk-based authentication goes even a step further and looks at your current login attempt and compares it to all historical authentication requests you have made (and in some cases, the rest of the user population) and instantly returns a risk decision.

Risk-based authentication is changing the way we do enterprise authentication. It is making authentication more dynamic by looking at the big picture and asking what is the transactional context, what patterns can I glean from it and what perspectives can I bring in from the outside to make more intelligent decisions around who to trust and how and when to do so. Then based on that decision, you can ask for more or less authentication. Risk-based authentication is automating security decisions, thus making authentication more usable and more affordable.

The release of Authentication Manager 8 today is a huge leap forward in transforming enterprise authentication. It is the industry’s first release of an authentication platform that brings together the traditional world of tokens and two-factor authentication with the next generation of Big Data analytics and intelligence-driven risk-based authentication. Industries like financial services have adopted and have been refining the risk-based model for years to address sophisticated threats such as man-in-the-middle and web session hijacking attacks.

So back to the yellow light. Just as we weigh the risks before we decide to slow down and stop or accelerate when we see a yellow light, the inclusion of risk-based authentication into RSA Authentication Manager will now allow organizations to evaluate a multitude of risk factors to make more granular and informed authentication decisions on how much to trust a user and under what circumstances.

Infographic preview below. Click here for the full infographic.

AA Infographic Teaser

 

Sam Curry

Sam Curry

Chief Technology Officer, Identity and Data Protection at RSA, the Security Division of EMC
Sam Curry

Latest posts by Sam Curry (see all)

Tags: , , , , , , ,

Leave a Comment

The comments are moderated by EMC and EMC reserves the right to remove any content it deems inappropriate, including but not limited to spam, promotional and offensive comments.

Pulse in...

Follow EMC

Archives

Twitter: @EMC_News

Competitive opportunities pass quickly. Shouldn't your business be able to move just as fast? http://t.co/9TeKC50P5g http://t.co/9ly3VuCafg about 8 hours ago
How you can simplify IT with a turn-key hybrid cloud solution: http://t.co/H0YeeKd4MH http://t.co/9yZ0v8RnYt about 11 hours ago
Here's what analysts have to say on the state of the customer experience industry http://t.co/PRJye9qJen http://t.co/Dm9kaoQpeZ about 17 hours ago
The EMC Federation has made it easier for enterprises to deploy virtual desktops at scale: http://t.co/PY9XuMrfdO http://t.co/8OzZKdsdQ7 about 22 hours ago
A recap of the newly enhanced Federation End User Computing Solution, announced at #VMworld http://t.co/AQ9rprIbfg http://t.co/k9VrObmUTP about 1 day ago