Peter MartiniOne of the most important elements of security is identity. That is an inarguable fact. However, the definition of identity has changed over the years. For example, a simple call of “who goes there” was more than adequate to garner admittance to a frontier campsite. A simple challenge, met with a response that verified identity beyond the elements of “friend or foe.”
Today, technology has changed what identity is all about. Complex IT implementations not only need a user’s identity, but they also need several other factors to validate who—or what—that actual user is. Simply put, properly securing IT systems takes more than a name and password challenge, it must also take into account factors that verify identity beyond these simplistic factors.
Another inarguable fact: Identity theft is on the rise, with individuals falling victim to cyber scams on a daily basis. Worse still, enterprises are even more susceptible to the dangers of identity theft. When a user’s identity is stolen, that information can be used to access enterprise IT technology. Clearly, enterprises have to do more in the realm of identity to protect their assets.
The answer to the problem lies with advanced security technologies, technologies that not only identify a user, but also understand the patterns associated with that user. In other words, security systems must identify users as well as authenticate their identity using tools that gauge user reputation.
That, of course, takes more than the traditional challenge and response systems used by networks today. The ability to score reputation and understand behaviors means adding another layer to security, a layer powered by machine learning and adaptive algorithms that can build profiles for each user using key elements like the location from which a user normally connects, systems the user accesses, working hours, and more.
It all comes down to understanding a user’s behaviors and measuring those behaviors against expected activities. Why? Because most intrusions generally fall out of the established usage norms; and there are always tell-tale signs when an attack is taking place. The problem is that those signs are often discovered weeks or months after an intrusion occurs and usually only after a human becomes involved in some type of security audit. In other words, the signs are all there, but no one is seeing them.
Advanced security technology can come to the rescue, functioning as a constant guardian who seeks out the anomalies that help to identify intrusions—regardless of whether they are human-sourced or machine-powered—and goes well beyond asking, “Who goes there?”
