So what can your authentication and continuous authentication policies protect against in the modern age? What kinds of threats loom the largest in the identity security threat landscape that authentication and continuous authentication mitigate?
In this context, authentication refers to the process of logging in, whether that involves passwords, biometrics, hard tokens, or SMS messaging. Meanwhile, continuous authentication involves capabilities such as behavioral biometrics; these features trigger after the initial login and continually monitor the activities of the users. If the users stop acting according to behavioral baselines, then that could trigger an alert and subsequent incident response.
Another version of continuous authentication involves step-up authentication; this triggers after the initial login when the user attempts to access a more sensitive database or resource. Every level of sensitivity of data corresponds to a level of sensitivity of authentication factors required.
You need both to defend against the latest threats. What exactly are those threats?
What Can Authentication and Continuous Authentication Protect Against?
Rnasomware poses a unique challenge in modern cybersecurity discourses. This species of malware infiltrates an enterprise’s network and then encrypts sensitive data or the entire network. The victim can only retrieve the encrypted data if they pay a ransom…and sometimes not even then.
Protection against ransomware often falls under the purview of endpoint security, mobile security, and backup and disaster recovery. Indeed, all of these matter in deflecting and mitigating ransomware, but authentication and continuous authentication provides another layer of security. For example, imagine placing authentication protocols before making any changes to a database or to the network overall. This would mean the ransomware malware would need privileges before it enacts its plans; any attempts of the malware to encrypt the data would trigger an alert.
Thus ransomware faces a much more significant uphill battle to turn your business into a victim.
Traditionally, phishing attacks operate in a set order. The attacker sends a malicious email posing as a legitimate institution. This email asks the user to follow a link and input their credentials to solve an immediate problem. The link leads to a fraudulent website, in many ways identical to the legitimate one, and when the victim inputs their credentials it ends up in the hands of attackers.
In a single-factor, password-only authentication policies, phishing attacks like this prove devastating. However, in multifactor authentication and continuous authentication policies, phishing attacks find less purchase. Hackers may get their hands on passwords credentials, but would still lack the biometric, hard token, and SMS text messaging factors necessary to log in. Even if they could, continuous authentication ensures that phishers can’t pose as legitimate users without triggering an alert and incident response.
Of course, identity management can’t protect against all forms of phishing; some newer forms of phishing emails trigger a malware payload upon clicking the link. You need to combine authentication with email security to form a stronger digital perimeter.
Work From Home (WFH) Security
Evidence suggests that employees don’t follow cybersecurity best practices when they don’t feel monitored by IT security teams. Further, working from home (while necessary to prevent the spread of the coronavirus) often results in less secure communications in the first place; consumer Wi-Fi connections don’t provide the same protections as corporate connections. Additionally, many enterprises are considering retaining permanent work from home policies or otherwise becoming more liberal in them.
Continuous authentication helps provide a much-needed layer of cybersecurity while your employees continue to benefit from WFH policies. By establishing behavioral baselines, and holding your employees to those standards, you can prevent insider threats caused by negligence or ignorance.
How to Learn More about Continuous Authentication
To learn more about authentication and continuous authentication, check out our Identity Management Buyer’s Guide. We cover the top providers and their key capabilities in detail.
Latest posts by Ben Canner (see all)
- 2020 Vendors to Know: Identity Governance - July 9, 2020
- 2020 Vendors to Know: Privileged Access Management - July 7, 2020
- 3 Authentication Myths to Avoid In Your Identity Management - July 1, 2020