Risk-based Access Improves Security and User Experience
Compromised accounts are today’s leading cause of data breach. In this age of access, trying to build policy that keeps data secure, without stopping user productivity, requires a massive security rethink. Centrify Analytics Service — based on user behavior — stops account-based attacks.
What is Risk-based Access?
Risk-based access uses machine learning to define and enforce access policy, based on user behavior. Through a combination of analytics, machine learning, user profiles, and policy enforcement, access decisions can be made in real time, to ease low-risk access, step up authentication when risk is higher, or block access entirely.
High-risk access can be blocked to minimize risk
User behavior drives policy, to ease access
Anomalous events are flagged to identity threats
Why Risk-based Access?
Today’s account-based attacks are so successful in leading to data breach because attackers have the perfect camouflage. Attackers look just like legitimate users, since they are exploiting legitimate accounts — and the attacks raise no suspicion, since all IT sees is regular user activity.
Centrify Analytics Service breaks this breach cycle by applying machine learning to determine, in real time, whether the access being requested is likely to be from a legitimate user, or from an attacker who has compromised that users’ account. Based on the level of risk, the user can be allowed, prompted for further authentication, or blocked entirely.
Not only does risk-based access provide real-time security, but it also flags high-risk events, and elevates them to IT’s attention – speeding analysis and greatly minimizing the effort required to assess risk across today’s hybrid IT environment.
Risk-based Access for Apps
Cloud, mobile and on-premises applications are under increasing attack. Often protected only by a simple username and password, apps provide easy targets. Centrify can protect apps, without increasing user hassle with risk-based policy based on typical access patterns and user behavior — across cloud and on-premises applications, VPNs, and more.
Risk-based Access for Infrastructure
Risk-aware access policies protect critical IT infrastructure against attacks that exploit compromised privileged accounts. Whether initiating a privileged session or checking out a credential, Centrify analytics service determines the risk-level and either grants privileged access, prompts for an additional factor of authentication or blocks access entirely.