In light of recent, well-publicized hack attacks on Fortune 500 companies and Federal government agencies, implementing effective security to protect data and networks is now a top concern among organizations of all types.
What’s not working is the usual practice of denying access and placing barriers between users and resources, which often forces employees to find workarounds to get their jobs done – a situation that can result in greater risk exposure.
To break through this conundrum, many organizations are looking at deploying a context-aware approach that ensures user productivity, while enforcing access rights to business assets.
A context-aware model offered by Dell, for example, implements a security analytics engine (SAE) that returns a risk score based on multiple factors during each access request:
- Browser – Includes historical analysis of any browser use that falls outside of normal behavior for the user.
- Location pattern – Detects any requests for access originating from an abnormal location.
- Specific location – Prevents access initiated from specific locations or geographies known to foster malicious activity.
- Time – Detects any requests for access that occur outside of customary times and days for the user.
- Blacklist – Prohibits requests for access based on a list of forbidden networks or network addresses.
- Typical behavior – Adjusts security requirements based on normal user behavior. If an access request falls outside the norm, security can be adapted to reduce risk.
The SAE weighs the “who, what, when, where, and why” of access requests according to organizational needs, user population, threats, practices, applications, and infrastructure. It then produces a total risk score to adjust enforcement in real time, thus providing the right level of security in any situation. The result is stronger security and a more productive workforce.
DataLink has security solutions to help protect your organization. Contact us today at 410.729.0440 or sales@DataLinkTech.com.