New Multi-factor Authentication Offering Seeks Balance Between Strong Security and Ease of Use
The correct balance between strong security and excessive control is difficult to strike. Without strong security, such as multi-factor authentication (MFA), organizations will be breached. With excessive control (such as MFA always and everywhere), business will be impeded, employees will be disgruntled, and controls will be bypassed. A new behavioral authentication product announced today by security firm Preempt allows optional MFA, based on user behavior, on any application.
Preempt’s new “Any App” offering seeks to solve the growing concern over the insider threat by allowing policy to dictate whether user access to any application should be challenged by multi-factor authentication requirements, or simply allowed. This increases security without increasing unnecessary impediment to business.
The insider threat is insidious. It can come from innocent users, ‘malicious’ users motivated by curiosity or worse, or hackers inside the network with stolen credentials. While modern network analytics can detect ‘unusual’ behavior, they cannot automatically distinguish between behavior that is merely unusual and behavior that is both unusual and malicious. The result is a large number of alerts that need to be investigated but are often false positives.
Preempt’s Any App takes a different approach by imposing strong security in the form of multi-factor authentication requirements on any specified application whenever, but only if, ‘unusual’ user behavior is detected. This is an advance on the more common approach of applying MFA to web applications only.
“Security teams want to better protect their organization and application from threats and breaches by adding policies that require users to validate their identity via authentication techniques before accessing corporate applications,” explains Ajit Sancheti, co-founder and CEO of Preempt. But while adding MFA to web applications is relatively simple, protecting on-premises applications is more complex. Integrating secure authentication into each application requires significant resources, which typically leads to the majority of internal applications not being protected by MFA.
Any App, he continues, “removes the need for application customization, and turns the task of adding MFA support to applications into a simple matter of defining policy, which saves both time and money, while also protecting the organization from security breaches.”
Any App works at the network layer for both Windows and Linux environments, and acts as an LDAP or Kerberos proxy. When a user first seeks access to an application, the application will attempt to verify the user. Any App proxies this request, and based on security policy can either allow access or require MFA.
If policy requires additional authentication, the organization’s MFA solution is automatically triggered. Since Any App is vendor neutral, the MFA can come from an existing deployment from any of a range of vendors such as Duo, Okta, and SecureAuth.
The behavioral policy engine within Any App allows the security team to define the conditions necessary to invoke MFA. For example, MFA can be invoked if the access request comes from an unmanaged device, or if the user is connecting to a new asset or from a new location or new device. This allows the security team to automatically apply more stringent controls without requiring individual alert analysis.
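The decision flow described above, sketched as an added example (not Preempt's code or API): a per-user baseline of devices, locations and assets drives an allow, challenge or deny outcome. All class, field and function names are hypothetical, and updating the baseline only after a passed challenge is an assumption of this sketch.

```python
# Hypothetical sketch of behavior-based step-up MFA; not Preempt's implementation.
from dataclasses import dataclass, field

@dataclass(frozen=True)
class AuthRequest:
    user: str
    device: str
    location: str
    asset: str       # application or server being accessed
    managed: bool    # True if the device is under corporate management

@dataclass
class Baseline:
    devices: set = field(default_factory=set)
    locations: set = field(default_factory=set)
    assets: set = field(default_factory=set)

class StepUpPolicy:
    def __init__(self):
        self.baselines = {}  # user -> Baseline of previously verified context

    def reasons(self, req):
        """List the policy conditions this request trips."""
        b = self.baselines.get(req.user, Baseline())
        checks = [
            ("unmanaged device", not req.managed),
            ("new device", req.device not in b.devices),
            ("new location", req.location not in b.locations),
            ("new asset", req.asset not in b.assets),
        ]
        return [name for name, tripped in checks if tripped]

    def decide(self, req, challenge):
        """challenge(user) -> bool stands in for the organization's MFA provider."""
        why = self.reasons(req)
        if not why:
            return "allow", why            # matches baseline: no prompt
        if not challenge(req.user):
            return "deny", why             # failed MFA must not teach the baseline
        b = self.baselines.setdefault(req.user, Baseline())
        b.devices.add(req.device)
        b.locations.add(req.location)
        b.assets.add(req.asset)
        return "allow-after-mfa", why

if __name__ == "__main__":
    policy = StepUpPolicy()
    req = AuthRequest("alice", "laptop-1", "london", "hr-app", True)  # constructed sample
    print(policy.decide(req, lambda user: True))   # first sight: challenged
    print(policy.decide(req, lambda user: False))  # now in baseline: allowed, no prompt
```

An unmanaged device keeps tripping its condition on every request, because that check depends on the device's state rather than on history.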
Any App attempts to allow the security team to define and control the balance between strong security and ease of use. It reduces the cost of strong security while activating it only where policy decides it is necessary.
