• United States




The path to modern authentication and cybersecurity is pervasive, connected and continuous

Feb 27, 20185 mins
AuthenticationCybercrimeData and Information Security

What makes secure access truly secure today? Authentication that works seamlessly – everywhere, all the time.

Today, there are more users in more places accessing more applications in more ways than anyone could have imagined even 10 years ago—and also, unfortunately, more openings for identity thieves.

In “Transforming secure access to take on today’s cyber threats,” I described how protecting against attacks comes down to making authentication pervasive, connected and continuous. That’s the path to achieving secure access that works everywhere, from ground to cloud; works with other parts of the security ecosystem to thwart threats; and works all the time to make it harder for attackers to get in and do damage, while making it easier for legitimate users to access to the resources they need.

Let’s take a closer look at what each of these qualities of entails and why they’re so critical to transforming secure access to meet modern workforce demands.

1. Pervasive: Enabling secure access at all points across applications, devices, users, environments

One thing becomes clear as the number of applications, users and points of access grows: The more points of vulnerability you have, the more you need a single authentication platform that pervades all of them. Users struggle to maintain multiple sets of credentials based on where an application resides or how they access it, while identity and security administrators struggle to secure multiple points of access and manage a variety unique approaches to authentication and access. They may turn to SSO and password synchronization solutions to connect these “islands of identity,” but that can create the risk that attackers will use weak credentials and security controls to compromise applications that may not be their true intended target – and then, once they’ve infiltrated, move silently and laterally to the real information jackpot.

The authentication and access solutions you deploy need to be pervasive. They should be able to identify and authenticate a user regardless of where the application resides or how the user is accessing it. They must not only work in our new world of multiple cloud environments, but also your on-premises applications and infrastructure, including virtual private networks (VPNs). At the same time, they need to address how users identify and authenticate themselves to desktop and laptop devices. Only when you can provision secure access controls everywhere from desktop to cloud can you provide uniform visibility and control for IT, as well as a common and easy access experience for users.

2. Connected: Sharing information and insights across the security ecosystem to strengthen security

One of the secrets of cyber attackers’ success is their willingness and ability to share information—on underground web forums, through messaging apps, and even on Facebook and other mainstream social media. Think about how bots typically operate, too: not alone, but as an orchestrated group, each taking direction from a command and control server. But when it comes to the security solutions that are deployed to fight cyberattacks—next-generation firewalls, SIEM systems, identity and access management solutions—these tools and the teams that use them are typically walled off from each other. They collect enormous amounts of valuable data about threats, but don’t share it in any meaningful way.

A critical step in transforming secure access to take on today’s threats is to make sure security resources are as closely connected as the attackers and their tools. For example, if a threat detection system that spots suspicious devices or user behavior can share that information with the access management system, then the latter can immediately impose additional authentication requirements. Or if an application is shown to have critical vulnerabilities, the system can respond automatically by requiring additional authentication or blocking access. With this connected approach, organizations can verify identities outside the login box, and in direct response to other security systems. It also promotes coordination between access control and identity governance solutions, to help ensure user access is always appropriately aligned to permissions and entitlements as users change roles, or as they leave the organization altogether.

3. Continuous: Constantly collecting and analyzing information to stop attacks

As we incorporate identity more pervasively within our environment and start connecting silos of information, we need to think about how to continuously asses our assurance that someone is who they say they are. I am by no means suggesting that we ask users to reauthenticate every five minutes. This would not only slow them down; it would likely cause a mass exodus. I am advocating instead for automated identity and authentication solutions that work transparently in the background, collecting and analyzing information to continuously assess our assurance of a user’s identity. Look for a solution that can:

  • Continuously collect identity insights to create a benchmark for “normal” access behavior, so that it’s easier to spot abnormalities (such as logging in from an atypical location or at an unusual time, or logging into an application the user has never accessed before)
  • Monitor threat intelligence information to learn about risk factors such as devices that are contaminated with malware or IPs that are being used for malicious activity
  • Create an identity assurance score that enables a running assessment of the degree of confidence in a user’s identity, based on whether the user deviates from normal access
  • Recognize and learn from changes in risk profiles and adapt accordingly to ensure the level of access control is always appropriate to the level of risk

Identity assurance that is pervasive from ground to cloud; connected communication and cooperation among all the components of the security infrastructure; and continuous assurance that someone is who they claim to be: They’re all part of the secure access transformation that’s essential to meeting today’s modern security challenges.


Jim Ducharme is Vice President of Identity Products at RSA. He is responsible for product strategy and leads the associated product management and engineering teams. He has nearly two decades of experience leading product organizations in the Identity marketspace, and has held executive leadership roles at Netegrity, CA and Aveksa.

The opinions expressed in this blog are those of Jim Ducharme and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.