Classic access control is no longer sufficient in online business. Only Continuous Adaptive Trust creates the flexibility that companies need today: either to increase IT security or to improve the user experience.

 

Trust and security are the be-all and end-all for success in online business. This is particularly true in the financial sector. Passwords are an important element of any IT security infrastructure, but a password alone is far from secure enough. The bad news: even multi-factor authentication (MFA) is no longer enough, because modern attack methods only take effect once the MFA hurdle has been successfully cleared.

 

One-time access authorization is no longer sufficient

Risk-based authentication is a first answer. It evaluates authentication attempts based on signals such as the IP address range or access location. The problem: risk-based authentication only works during log-in. It does not protect against attacks during an ongoing online session, such as a man-in-the-middle attack, in which attackers slip unnoticed into the communication between partners. This is where Continuous Adaptive Trust (CAT), as Gartner calls the principle, comes into play: CAT continuously analyzes the risk during an ongoing session.

 

Check the trust level permanently

The first authentication in the log-in process is comparable to the driving test: anyone driving a car needs a driver's license. People over the age of 75 must undergo a medical examination every two years: this is essentially risk-based authentication. However, to ensure that everyday traffic is safe, continuous measures such as speed checks are required. CAT assumes this role for online access. Does the browser or the IP address change? Do mouse movements or keystrokes vary? Is the trust given at login still justified? With the help of artificial intelligence and risk sensors such as security gateways, CAT searches for anomalies in user behavior, from the first log-in to the end of a user session.

 

Security and user experience in harmony

More security measures often mean less user-friendliness. Complicated registration processes are a deterrent, and constant authentication disrupts the user journey. CAT balances usability and security. Re-authentication is only necessary if a user activity appears suspicious. Otherwise, users will not notice anything about the ongoing review.
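A minimal sketch of the continuous check and the step-up decision described above, as an added example that is not Airlock's code. The class name, signal names, weights and thresholds are assumptions chosen for illustration, and all addresses and user-agent strings used with it are constructed.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from statistics import mean, pstdev

# Illustrative weights and thresholds (assumptions, not vendor values).
PENALTY = {"ip_network_changed": 0.4, "user_agent_changed": 0.5, "typing_anomaly": 0.3}
STEP_UP_BELOW, TERMINATE_BELOW, RECOVERY = 0.6, 0.2, 0.05

@dataclass
class Session:
    ip: str                   # baseline captured at log-in
    user_agent: str
    typing_baseline_ms: list  # inter-key intervals seen right after log-in
    trust: float = 1.0

    def signals(self, ip, user_agent, key_intervals_ms):
        """Names of the risk signals one request raises against the baseline."""
        raised = []
        if ip_address(ip) not in ip_network(f"{self.ip}/24", strict=False):
            raised.append("ip_network_changed")
        if user_agent != self.user_agent:
            raised.append("user_agent_changed")
        if key_intervals_ms:
            mu, sigma = mean(self.typing_baseline_ms), pstdev(self.typing_baseline_ms)
            if sigma and abs(mean(key_intervals_ms) - mu) / sigma > 3:
                raised.append("typing_anomaly")
        return raised

    def evaluate(self, ip, user_agent, key_intervals_ms=()):
        """Update trust for one request; return (decision, raised signals)."""
        raised = self.signals(ip, user_agent, key_intervals_ms)
        if raised:
            self.trust = max(0.0, self.trust - sum(PENALTY[s] for s in raised))
        else:  # unremarkable requests slowly rebuild trust
            self.trust = min(1.0, self.trust + RECOVERY)
        if self.trust < TERMINATE_BELOW:
            return "terminate", raised
        if self.trust < STEP_UP_BELOW:
            return "step_up", raised
        return "allow", raised

    def reauthenticated(self, ip, user_agent):
        """A successful step-up restores trust and re-baselines IP and browser."""
        self.ip, self.user_agent, self.trust = ip, user_agent, 1.0
```

A single weak signal lowers the trust level without interrupting the user; only accumulated or strong signals trigger re-authentication or end the session.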

 

Avoid attacks with CAT

Because with CAT attackers would have to deceive all risk sensors at the same time, many attacks can be prevented. This is particularly relevant for the popular (and convenient!) single sign-on: users authenticate themselves once with a supported online access and use it to access different accounts. Their identity and corresponding rights are then confirmed permanently. CAT, on the other hand, keeps checking whether trust in users is still appropriate. It also perfectly complements the Zero Trust model, in which each service checks directly at its interfaces whether access is permitted. While Zero Trust creates a defensive wall with many small strongholds, CAT ensures continuous internal controls.

 

CAT as a competitive advantage

In the technical implementation, CAT requires the integration of various components. It takes web application and API protection (WAAP) to measure risk signals. The trust level is adjusted by an identity and access management (IAM) system. Since these components rarely come from the same provider, the implementation is more complex. It is therefore important to have a provider that brings together and evaluates the signals from all subsystems: a managed security service such as Ergon's Airlock Secure Access Hub.

Multi-factor authentication alone is no longer enough today.

Michael Doujak, Product Manager, Airlock.

Continuous Adaptive Trust is a paradigm shift in IT security.

Marc Bütikofer, Head of Innovation Security Solutions, Airlock.
