There has been lot of talk around context based authentication especially to trigger strong authentication. I am not not able to visualize how the foundation can be built in a companies which have hundreds or thousands of applications. When I say foundation, I really mean on which the AM or applications can rely to understand the context of the user. Have you implemented context based authentication in your systems or If you are going to ? How is the "foundation" built?

Security Strategy & RoadmapIdentity & Access Management (IAM)
1.2k viewscircle icon2 Comments
Sort by:
Vice President in Bankinga year ago

One of the basic context based authentication factors is device used, geographical location, user behavior and risk score calculation based on it. If need be, you could add more factors for calculating risk score. Based on the risk score, access can be controlled. For instance, triggering MFA for a higher risk score.

Information Security Manager in Manufacturinga year ago

We haven´t implemented context based authentication and at this moment is not in our short term initiatives. At least for core applications we´re focusing on maintaining healthy environment with access controls based on job positions, using an IAM solution. In addition we prioritize the use of PAM to mitigate the risks of unauthorized access to our systems.

Lightbulb on2

Content you might like

I'm looking to go for the Certified CISO certification & training as I'm an aspiring CISO. Any recommendations and additional certifications that I should be doing along with that? I already have CISSP. 

Read More Comments

What’s the best place to start when evolving data governance?

The data19%

The people43%

The processes21%

The policies12%

I wish I knew5%

View Results

How are you diversifying threat intelligence sources? Have you been able to reduce reliance on CISA for TI?

What is the industry trend for research topics to pursue in the next five years as it relates to application security and cybersecurity? Where is the trend heading for someone new to the field if they were to invest in a sub-topic? What are the best skills to level up in?

When it comes to implementing CMMC 2.0 for your organization select the most challenging tasks below.

Continuous Monitoring24%

Scoping what's CUI or FCI36%

Incomplete Data/System Security Plans63%

Finding the right staffing for implementation53%

Asset Management34%

Management buy-in for CMMC investments22%

Implementing Security Controls21%

View Results