Risk Adaptive Access Control and Why You Should Care About It

Access to digital information is typically password protected. A password is something only you know (with the help of the yellow Post-it on your computer screen!). But is a password enough to protect a digital asset?

Password protection, if you stop to think about it, really resembles real life: When you are keeping something safe, the security measures you’ll take are dependent on your neighborhood and what you are protecting.

If you are guarding a huge pile of cash and a few diamonds, you’ll probably put them in a bank, where they have a security guard 24/7. But if your only valuable is a doormat, you’ll probably take the chance to leave it all night outside alone.

The internet is a bad neighborhood. You really don’t want to wander around without protection. So relying on passwords to protect access to your personal computer at home might be ok, but connecting to the VPN or a sales application in the cloud might require an additional form of protection.

Download: The 802.1x Sting Whitepaper Now!

Two-factor Authentication

Two-factor authentication works this way: pick things out of these concepts: something you know, something you have, and something you are.

Something you know – password / pin / passphrase / security questions.

Something you have – smartcard / token

Something you are – fingerprint / eye retina …

So is that enough? By making sure we know who you are we should then feel safe? Does that mean that you and all of your uninvited friends are ok to come along as well? Does that mean that if you visited a malaria zone you can enter the U.S. just because we know who you are?

Of course not…

This is where RISK comes into play.

RISK

Risk is the fine balance between valued danger and possible loss. Of course, there is acceptable risk and that’s a line where everyone is deciding for himself on a daily basis: whether to drive a car or ride a motorcycle.

Risk adaptive access control takes into account not only the access parameters – what you’re trying to access, how you’re authenticated — but also correlates with the attributes of your environment, your device. For example: security posture assessment of the device such as anti-virus status, anti-malware status, firewall status, up-to-date patches and more.

It also takes into account the context of a device – it’s history, where it has been, what it is usually accessing, from where it is accessing (geolocation), the time and date. On top of that, there is a layer of intelligence which correlates the device properties and behavior – such as accessed websites, installed applications and more.

A risk adaptive access control platform will correlate all of that and give a risk score to the device. Based on that score it decides whether to allow, block, quarantine or limit the access to your digital asset, whether it’s VPN access or any other network access type of connection.

A risk adaptive platform should also have all of these components: two-factor authentication (OTP for example), authentication service (RADIUS) and an endpoint risk calculation agent.

With a platform such as Portnox CLEAR, you can also be alerted of the dangers endpoints pose before they join and while they are on your network, whether they are wired, wireless or VPN. CLEAR approves access for low-risk endpoints and limits or denies access for the rest (alert, block and more).

Download: The 802.1x Sting Whitepaper Now!

While there are no foolproof solutions, you can get as close to hermetically sealing your organization’s sacred valuables as possible… but you should not rest easy until you have the mechanisms in place to do that.

Download: The 802.1x Sting Whitepaper Now!