There has been lot of talk around context based authentication especially to trigger strong authentication. I am not not able to visualize how the foundation can be built in a companies which have hundreds or thousands of applications. When I say foundation, I really mean on which the AM or applications can rely to understand the context of the user. Have you implemented context based authentication in your systems or If you are going to ? How is the "foundation" built?

1.2k viewscircle icon2 Comments
Sort by:
Vice President in Bankinga year ago

One of the basic context based authentication factors is device used, geographical location, user behavior and risk score calculation based on it. If need be, you could add more factors for calculating risk score. Based on the risk score, access can be controlled. For instance, triggering MFA for a higher risk score.

Information Security Manager in Manufacturinga year ago

We haven´t implemented context based authentication and at this moment is not in our short term initiatives. At least for core applications we´re focusing on maintaining healthy environment with access controls based on job positions, using an IAM solution. In addition we prioritize the use of PAM to mitigate the risks of unauthorized access to our systems.

Lightbulb on2

Content you might like

Continuous Monitoring24%

Scoping what's CUI or FCI36%

Incomplete Data/System Security Plans63%

Finding the right staffing for implementation53%

Asset Management34%

Management buy-in for CMMC investments22%

Implementing Security Controls21%

View Results

The one walking around the house15%

The one who just woke up28%

The one without the camera on40%

The one who always talks10%

The one doing funny faces5%

View Results