Employing context-aware security can reduce the risk of a hacker mimicking a legitimate user to illicitly access a system, says Bill Evans of Dell Security.
The IT advisory company Gartner defines context-aware security as the use of supplemental information to improve security decisions at the time they are made, resulting in more accurate security decisions capable of supporting dynamic business and IT environments.
Evans explains in an interview with Information Security Media Group at the Gartner Security and Risk Management Summit: "Context-aware security can take information about access policies, from an access management solution; it can take location, time of day, type of access from, say a firewall, and collect all these things together and the administrator can set up a policy and determine a risk score. And, the user's access can change ... based on the context of their access."
In the interview, Evans:
- Provides an example of how context-aware security works;
- Discusses when the system would require a second factor to access the system; and
- Explains when the system would deny user access.
Among the examples Evan furnishes: Someone trying to gain access to a system from North Korea at 2 a.m. "The system might say, 'Hey, this is really bad; we're just going to terminate access,'' he says. "And that's all done automatically, which is great for the administrators, and it's also not cumbersome to the end users because most times I'm logging in from the office, so my user ID and password work. As a user, I'm willing to do that step-up authentication when I travel so it also doesn't impact user productivity."
Before joining Dell Software three years ago as senior director of product marketing, Evans served as vice president and general manager for Quest Software's SharePoint offering.