IBM Security adds AI features to its Cloud Identity solution
IBM Security announced it is extending its artificial intelligence (AI) technology originally developed to protect users in the financial services industry, to clients in all industries via the company’s identity-as-a-service (IDaaS) offering.
IBM Cloud Identity now features AI-based adaptive access capabilities that help continually assess employee or consumer user risk levels when accessing applications and services.
The solution escalates suspicious user interactions for further authentication, while those identified as lower risk are “fast-tracked” so they can access applications and services they need.
With data breaches on the rise, traditional means of securing access, like passwords, are often not enough to prevent unauthorized access. The rise of credential-stuffing attacks, where a malicious actor obtains a list of credentials and tests them at various other sites using a bot, demonstrates that many password combinations have been leaked.
According to a 2019 report, compromised and weak credentials are cited as the cause for more than 80% of data breaches. Meanwhile, 2017 research found that large companies are managing hundreds of applications – up to 788 custom applications on average for companies with more than 50,000 employees.
Considering the number of programs and passwords that employees are managing between their professional and personal lives, it is increasingly important that new security measures do not hinder user experience.
“Companies are constantly trying to optimize both security and user experience, but the trick is ensuring security is not disrupting the everyday user journey,” said Jason Keenaghan, Director, IBM Security.
“IBM Cloud Identity with adaptive access is using AI to give organizations a holistic view of context for user access, based on indicators like malware and risk indicators, device insights, and user behaviour, to help them focus security on high-risk logins and give the majority of users seamless access to their accounts and applications.”
Adaptive access: Smart context
Many organizations continue to rely on older username and password methods to provide employee and consumer users access to services. Due to the patchwork of applications and solutions organizations are working with, they may not be able to deploy more modern security layers.
This can create a blind spot that prevents security teams from easily implementing rules that flag suspicious indicators like malicious logins, unknown locations, unrecognized devices, and whether a user is on a company’s network VPN.
IBM Cloud Identity is an identity-as-a-service solution that helps organizations connect every user to every application using adaptive access. Through the use of AI, the service helps simplify access management and security for users by assigning user risk levels based on a defined set of factors.
With these risk levels, administrators can create rules that level up or level down authentication – implementing strong authentication but only when needed. The service leverages the following features to determine risk and enable adaptive access decisions:
- Artificial intelligence – a user behaviour score is assigned based on the level of trust or risk assessed for each user. A number of factors are assessed including web intelligence, location data, malware and risk indicators, and device insights. For example, using AI, the system can detect irregular mouse movements or flag a user trying to login from a browser infected with keylogging malware. IBM Cloud Identity with adaptive access leverages IBM Trusteer AI technology to assess users based on a fraud evidence database, fraudulent pattern analysis, and cross-organizational patterning.
- Smart access and seamless login: Since AI capabilities are able to assign risk levels, only users considered to pose a higher threat are prompted to go through multi-factor authentication or denied access. By only prompting specific users to further verify their identification, rather than all users, organizations may be able to reduce operational expenses related to items such as two-factor authentication and help desk password resets for both current and new users. This can potentially lead to cost cuts considering organizations spanning different sectors have allocated more than $1 million per year to password-related support alone.
- Low-code deployment: Adaptive access policies can be created and applied to applications and APIs with little to no development effort and without application changes.
“According to our primary research results, the establishment of low-friction end-user experiences has the potential to help boost security effectiveness while reducing management efforts and related costs,” said Steve Brasen, Research Director, Enterprise Management Associates.
“By injecting intelligence into access processes, IBM is helping its customers implement the appropriate level of authentication enforcement for users while minimizing impacts to their productivity.”
- OUTSIDE IR35 Contract- Functional tester- SC clearance Microsoft Windows Server
- Outside IR35 contract
Front End Functional tester with SC clearance needed for an Outside IR35 project. Current valid SC clearance is required Experience with functional testing with exchange, sharepoint, SQL and other applications relating across a windows server Migration to 2019. Must be able to get to Central London 3 days a week. Jira, Wiki documentation and automation experience highly desirable.
- ForgeRock Consultant- UK
- United Kingdom
- Upto £100,000 plus benefits
ForgeRock Consultant/ Architect is require for niche consultancy who are looking to expand their presence within the UK/European Market Looking for a lead IAM architect, ideally with ForgeRock experience but would consider other vendors, But looking for someone who is able to advice and consultant with Clients but have the implementation background so they can get involved in projects as and when needed. Key duties will be: Provider IAM consultancy to clients, with a focus on ForgeRock Product stack ·Responsible for the design and implementation of ForgeRock solutions ·Install and configure ForgeRock stack to meet customer authentication and authorization requirements, ·Design and implement OAuth2 protocol using ForgeRock OpenAM, ·Design and develop OpenAM custom authentication modules, ·Configure ForgeRock stack to protect RESTful API, ·Troubleshoot and support ForgeRock IAM stack. This is a great role to join a niche play as they look to kick of their European expansion
- ForgeRock Consultant- Netherlands
ForgeRock Consultant required for 6 Month Contract This will be a mix of on site and home based, so need people to be based in the Netherlands We are looking for a lead ForgeRock Technical Consultant/ Architect with strong experience of ForgeRock to lead a new deployment project. ·Responsible for the design and implementation of ForgeRock stack ·Install and configure ForgeRock stack to meet customer authentication and authorization requirements, ·Design and implement OAuth2 protocol using ForgeRock OpenAM, ·Design and develop OpenAM custom authentication modules, ·Configure ForgeRock stack to protect RESTful API, ·Troubleshoot and support ForgeRock IAM stack. ·Designed and developed Restful APIs, This is a great project with an expanding leading IAM player within Europe, We are looking for someone with the above experience, who is comfortable hitting the ground running and taking on the reins at the start of a project