
Tuesday, April 26, 2011

Level of Risk Should Determine Level of Security
by Sally Ewalt, Anakam Identity Services

A user’s behavior can tell a lot about whether that user ID has been compromised, or is at risk of being compromised. For example, a remote user who logs in at an unusual time or from a different ISP than normal may simply be traveling for work, or the ID may be in use by a hacker.

Many remote users follow established schedules, logging in from the same location and device each time.  These users may not need to go through a high-level authentication process each time they log in because the risk of being compromised is low.  A progressive authentication solution will allow different security measures to be applied based on the level of risk that the user represents when he logs in.

Setting up a one-size-fits-all process is sure to cause frustration for users and can actually create more security issues, either because users try to get around overly burdensome rules or because they are allowed in from insecure locations. Progressive authentication technology allows you to customize strong authentication levels based on:

  • internal risk, such as a potential compromise
  • individual business needs, such as those of travelling users
  • rights or privilege level of different user groups
  • compliance requirements or data sensitivity

So users who are known to travel frequently may have different authentication parameters than the user who always logs in from the same field office.  Users with administrative rights or those with access to more sensitive data would have stricter guidelines than those without.

A progressive authentication solution should also provide the flexibility necessary to identify changes in end user behavior. For example, the user who travels frequently would enter an out-of-band, expiring passcode every time they log in to maintain security. For the user who logs in from the same remote location every time, an authentication challenge would only be triggered when out-of-norm behavior is recognized, such as a change in device.

By creating a security threat model that maps to the existing identity access management strategy and to user roles, you can automatically change the level of the authentication challenge when individual users change roles or for an entire group of users at once.  This threat model can challenge users based on logins from a particular region or country, login frequency, changes in their ISP, machine characteristics, or other criteria.
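
A minimal sketch of such a policy, added here as an illustration and not Anakam's implementation: the group names, signal names and the `GROUP_POLICY` table are assumptions constructed for the example. Moving a user to another group, or editing one group's entry, changes the challenge for everyone that entry covers.

```python
from dataclasses import dataclass, field

# Constructed per-group policy (assumption): which out-of-norm signals trigger
# a step-up challenge, and whether the group is challenged on every login.
GROUP_POLICY = {
    "field_office": {"always": False, "signals": {"device", "isp", "country"}},
    "traveller":    {"always": True,  "signals": set()},
    "admin":        {"always": False,
                     "signals": {"device", "isp", "country", "hour"}},
}

@dataclass
class Profile:
    """Baseline of a user's normal behavior plus the group that sets policy."""
    group: str
    devices: set = field(default_factory=set)
    isps: set = field(default_factory=set)
    countries: set = field(default_factory=set)
    hours: range = range(7, 20)  # usual login hours, local time

@dataclass
class Login:
    device: str
    isp: str
    country: str
    hour: int

def anomalies(profile, login):
    """Return the signals on which this login departs from the baseline."""
    checks = {
        "device": login.device not in profile.devices,
        "isp": login.isp not in profile.isps,
        "country": login.country not in profile.countries,
        "hour": login.hour not in profile.hours,
    }
    return {name for name, odd in checks.items() if odd}

def required_challenge(profile, login, policy=GROUP_POLICY):
    """Return (challenge, reasons) for one login attempt."""
    # An unknown group fails closed: challenge on every login.
    rule = policy.get(profile.group, {"always": True, "signals": set()})
    if rule["always"]:
        return "out_of_band_passcode", {"group_policy"}
    # Only the anomalies this group's policy cares about raise the challenge.
    hits = anomalies(profile, login) & rule["signals"]
    return ("out_of_band_passcode" if hits else "password_only"), hits
```
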
