Why The Future Of Security Is Context-Based

by Sonit Jain, CEO, GajShield    Dec 15, 2014

sonit

For years, business organizations followed a rather reactive approach to managing IT security. Every time there was a new type of attack, security vendors would come up with a new solution to combat that threat. This approach worked very well till users accessed computers in controlled work environments. The company could easily monitor incoming and outgoing network traffic. But in today’s multi-channel environment, where users stay connected through a plethora of mobile devices and web-based apps, the security threats and vulnerabilities have only increased. According to PWC’s Global Information Security Survey 2015, the number of security incidents detected in 2014 was 48% higher than the previous year.

Multiple access devices and touch points have given hackers more options for entering corporate networks, without being easily detected. Therefore, the traditional models of security management are proving insufficient.  There is a need to adopt a new approach to managing security - one that is more proactive, sensitive and context-based. A recent Gartner report points out that increasing adoption of a more mobile, social, data-driven and consumer-like workplace is causing the breakdown of traditional security models and strategies. Going forward, enterprise security solutions will have to become context aware and adaptive. Security organizations and leaders that fail to alter strategies to accommodate a more consumerized workforce will soon be sidelined, predicts the report.

Context-based security systems are designed with built-in ‘intelligence’ to use situational information – identity, location, time, device, business function etc. – to make more effective security decisions. They are well suited to today’s mobile and cloud-based environments as they can respond more intelligently and quickly to unexpected situations.  By understanding the context of a user request, the security system or firewall can adjust the security response and control how information is delivered to the user, greatly simplifying an increasingly complex computing world.

Key Benefits of Context-Based Security

Industry experts believe that the context-based security model will soon replace the static security infrastructure that currently exists in most organizations. Therefore, enterprises should start looking at incorporating context awareness as an integral part of their security strategies. “Organizations should begin the transformation to context-aware and adaptive security infrastructure now, as they replace static security infrastructure and platforms,” says Gartner.

Some of the key benefits that enterprises can get by implementing context-based security are:

Improved Decision-Making: A context-aware solution uses information from multiple sources and has the ability to intelligently put it in the right context. This increases the accuracy of security decisions during an incident. 

Better Focus, Faster Response: By filtering information based on context, you can reduce the need for multiple security alerts to only a few key vulnerabilities that represent the highest risk. This also enables reduction in response time

Detecting Advanced Threats: A context-based system is proactive in its approach and gives greater visibility and insights so IT managers can easily track what is happening on the network. This is particularly useful for thwarting next generation malware and advanced threats that are emerging.

Operational Savings: Reduction in response time, increase in accuracy of decisions and improved focus of security strategies are all factors that collectively result in operational savings for the organization. 

Access Control & Authentication: Context-based systems are better at managing authentication and access control as they keep track of information like who is accessing what, at what location, what time, using which device etc. With high value information and sensitive data being accessed by managers through mobile devices, the need for improved access management systems is much higher today.

Although the concept of context-based security is not new, its relevance has increased immensely with emerging trends like BYOD (bring your own device), Enterprise Mobility and Cloud Computing. Organizations are looking for security solutions that can efficiently monitor network performance, proactively prevent security breaches and enable them to take more informed security decisions.

With the workplace becoming increasingly inter-connected and mobile, the traditional one-size-fits-all approach to managing security will not work anymore. Context-based security management systems are going to overtake the traditional security models and replace them with next generation infrastructure that is far more efficient and simpler to manage. The next few months will see more action in this space, with new entrants coming into the market, driving greater innovation and better pricing to benefit the user organizations. Context-based security is all set to redefine the future of security as we know it.