Identity is the killer context: 4 ways to stay in control

The COVID-19 pandemic sounded the death knell for the traditional perimeter. Work is now an activity, not a place, meaning the concept of an encircling wall of security is as out of date as a PC running Windows 95.

In an era when people are working from cafes, sheds, bedrooms and anywhere else they can get some peace and an internet connection, identity is often hailed as the new perimeter. In fact, it is context that represents today’s perimeter, with identity providing the killer context.

Context can raise a red flag whenever a user’s activity goes against their usual pattern of behavior. The time of authentication is one obvious piece of contextual information. If a user logs on at 6am on Sunday morning, there is a risk that their account has been compromised and a bad actor is seeking access. Their location, the device they are using and details of the data they are trying to access also provide useful contextual information which can be used to deny access whenever an account behaves unusually.

The need to incorporate identity and context at the heart of cybersecurity is clearly illustrated by an alarming increase in the creativity of phishing attacks in which hackers impersonate trusted cybersecurity vendors or use a proxy site to mirror an MFA authentication page – an approach seen in the Microsoft attacks when attackers inserted a proxy site between users and their work server. The threat was also illustrated when the European Central Bank

Read more

Explore the site

More from the blog

Latest News