As many make preparations to return to work, one thing is for certain–it has forced leaders across all industries to rethink the future of the workplace and technology–both physically and in terms of security. For some, this means no more conference rooms, partitions between desks, temperature checks, as well as rotating days where office workers must follow stringent guidelines on when they come in and how they use different spaces.
Remote work is here to stay
With the realization that remote work and the technologies needed to support it is possible and does not adversely affect productivity, some workers may never actually return to physical offices. In a recent survey of financial leaders, analyst firm Gartner found that 74% plan to shift some employees to remote work permanently. For those workers who will continue to work remotely, technology and security teams will need to clearly outline their acceptable use policies specific to remote work that was either put in place or at least revisited at the start of the transition to a virtual workforce. Either way, organizations must think about how to provide more flexibility and give employees the right technology and means to continue working productively and securely during times of change.
Identity at the center of it all
With identity at the center of how users interact with digital resources, Identity and Access Management (IAM) solutions, like OneLogin, offer not only convenient access, but also dynamic security policies to tighten security when you need it and not when you don’t. Modern IAM solutions continue to explore the power of Artificial Intelligence (AI) and machine learning to provide login experiences that are more seamless, yet secure. Cybercriminals also look to AI to launch more automated and widespread attacks that exploit particularly vulnerable industries or systems, like overwhelmed hospitals or e-learning applications.
The natural response would be to tighten access control as much as possible, requiring users to perform authentication many times throughout the day in the form of Multi-Factor Authentication (MFA), every time they need access to their applications. Although an IAM solution can give you the ability to enforce such security policies, not all can provide the flexibility to dynamically increase and decrease authentication requirements when necessary.
AI for risk-based authentication
Here’s where risk-based authentication comes in. By definition, risk-based authentication looks at a variety of contextual factors, such as time, location, web browser, and device, to determine the risk profile of a particular login or transaction and determine the appropriate workflow–all within seconds. OneLogin’s SmartFactor Authentication™ does just that:
- For high risk logins, admins can require users to submit an additional authentication factor, like Face ID or fingerprint scan, or deny access to their web portal entirely
- For low risk logins, where users exhibit typical behavior, admins can simply require an OTP code submission sent via phone or allow the user to bypass MFA entirely
Essentially, it’s a win-win. IT and Security teams can put strong measures in place to keep phishing and ransomware attacks at bay, while end users only have to perform MFA or submit additional authentication factors when the context of their login changes significantly.
The future of authentication
Risk-based authentication will only get smarter overtime as we discover additional ways to insert contextual information into login events and adopt more advanced algorithms to make better decisions. And soon, continuous authentication will leverage machine learning to enforce MFA based on user behavior throughout their session, not just at the time of login. These are just some of the many ways security conscious organizations will harness AI in the future to protect their remote workforce from more sophisticated attacks, no matter where they are located.
Want to learn more? Download the ebook to dive deeper into how to leverage AI-powered authentication for remote work.