There has been lot of talk around context based authentication especially to trigger strong authentication. I am not not able to visualize how the foundation can be built in a companies which have hundreds or thousands of applications. When I say foundation, I really mean on which the AM or applications can rely to understand the context of the user. Have you implemented context based authentication in your systems or If you are going to ? How is the "foundation" built?

Identity & Access Management (IAM)Governance, Risk & Compliance
1.2k viewscircle icon2 Comments
Sort by:
Vice President in Bankinga year ago

One of the basic context based authentication factors is device used, geographical location, user behavior and risk score calculation based on it. If need be, you could add more factors for calculating risk score. Based on the risk score, access can be controlled. For instance, triggering MFA for a higher risk score.

Information Security Manager in Manufacturinga year ago

We haven´t implemented context based authentication and at this moment is not in our short term initiatives. At least for core applications we´re focusing on maintaining healthy environment with access controls based on job positions, using an IAM solution. In addition we prioritize the use of PAM to mitigate the risks of unauthorized access to our systems.

Lightbulb on2

Content you might like

When it comes to implementing CMMC 2.0 for your organization select the most challenging tasks below.

Continuous Monitoring24%

Scoping what's CUI or FCI36%

Incomplete Data/System Security Plans63%

Finding the right staffing for implementation53%

Asset Management34%

Management buy-in for CMMC investments22%

Implementing Security Controls21%

View Results

What type of Zoomer are you?

The one walking around the house15%

The one who just woke up28%

The one without the camera on40%

The one who always talks10%

The one doing funny faces5%

View Results

I’ve been digging into ways to strengthen Zero Trust on IBM i systems, especially as more orgs shift toward hybrid cloud. I’m curious, how are others approaching threat detection around shadow AI use and supplier exposure in these environments?

I'm looking to go for the Certified CISO certification & training as I'm an aspiring CISO. Any recommendations and additional certifications that I should be doing along with that? I already have CISSP. 

Read More Comments

What is the industry trend for research topics to pursue in the next five years as it relates to application security and cybersecurity? Where is the trend heading for someone new to the field if they were to invest in a sub-topic? What are the best skills to level up in?