Access control is simply controlling entry into a cyberspace, as previously explained in this blog. For example, you have to have a password to access your Facebook account. This password requirement is access control. Without it, anybody could access your page and do whatever they wanted. This is primarily why cybersecurity exists: to prevent those who shouldn’t have access from getting into a cyberspace. If you have had your social media hacked, then you know that the basic password method of access control is not enough.
The next level of necessary security is two-factor authentication (2FA). This means having a second layer of authentication before access into a cyberspace is allowed. It usually takes the form of a numeric or alphanumeric code sent to your personal phone via SMS. 2FA is a noble idea that has indeed stepped up access control for cybersecurity. You can see examples of this in my blog “CyberSecurity Access Control with Two-Factor Authentication”.
2FA, while amazing, is also a bit cumbersome for the typical user who is not too worried about cybersecurity and is just looking to log into whatever they’re doing as quickly as possible. For the business professional focused on cybersecurity, it’s beautiful, but terribly annoying when repeated on the 11 different pages they need to log into throughout the day. So a solution presents itself: single sign-on (SSO)!
Check out this sensational blog, where I get into the nitty-gritty of it. Last bit of self-promotion for today; don’t worry folks, we’re nearly at the main topic. SSO simply takes all of the login pages you would need to log into throughout the day and allows you to access them all with one round of access control, usually 2FA. This is incredible, yet as mentioned before, the process of 2FA has become a bit cumbersome for today’s instant-gratification world.
Naturally, we now arrive at Contextual Authentication. I believe this is the best method of access control available to date. Contextual Authentication uses the underlying context of you and your computer to grant access into a cyberspace. Let me explain: this is like a hybrid 2FA that’s closer to multi-factor authentication, without any extra steps for you to complete beyond username and password. Contextual Authentication uses things like time frame, Wi-Fi security, and the geolocation of a device to allow users to log in.
Let’s take hypothetical businesswoman Veronica, for example. Let’s say she typically works 9-5, on a secure Wi-Fi network, in Portland, OR. The program running the Contextual Authentication will recognize these facts, as it has adaptive machine learning programmed in that knows when something is different and will add new things if it needs to. On a typical workday, Veronica will only need to type her username and password to have access, as the program will not be suspicious of anything. With that known, let’s say Veronica has a business meeting in Schenectady, NY. She tries to log into her account in a McDonald’s at 8 pm the night before her meeting to brush up on some facts.
The program then raises 3 separate red flags, as Veronica is logging on at an atypical time, from a foreign location, on an unsecured Wi-Fi network. Depending on how her Contextual Authentication is set up, she may then have to go through a traditional method of 2FA to be allowed access, or she may have to contact IT back in Oregon. In this situation, she would initially not be granted access, but after a quick SMS verification or call to IT, the problem is resolved. The program then includes this McDonald’s in Schenectady as a valid location for the future, should she choose to work there again.
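The Veronica scenario as an added example (not code from this blog or from any product): a small rule-based policy in Python, standing in for the adaptive machine learning described above. The class names, flag names and the `max_flags_for_step_up` threshold are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from datetime import time

@dataclass
class Baseline:
    """Learned profile for one user (constructed sample values below)."""
    work_start: time
    work_end: time
    locations: set = field(default_factory=set)

@dataclass(frozen=True)
class LoginContext:
    local_time: time
    location: str        # e.g. city resolved from device geolocation
    wifi_secured: bool   # False for open / unencrypted networks

def red_flags(base, ctx):
    """Return the context signals that deviate from the user's baseline."""
    flags = []
    if not (base.work_start <= ctx.local_time <= base.work_end):
        flags.append("atypical_time")
    if ctx.location not in base.locations:
        flags.append("unfamiliar_location")
    if not ctx.wifi_secured:
        flags.append("unsecured_wifi")
    return flags

def decide(base, ctx, max_flags_for_step_up=3):
    """Password alone if no flags; otherwise 2FA step-up, or IT escalation
    when the flag count exceeds the configured threshold."""
    flags = red_flags(base, ctx)
    if not flags:
        return "allow", flags
    if len(flags) <= max_flags_for_step_up:
        return "step_up_2fa", flags
    return "contact_it", flags

def complete_step_up(base, ctx, second_factor_ok, remember_location):
    """After a verified second factor, optionally learn the new location.
    Only the location is learned; Wi-Fi and time are re-checked every login."""
    if second_factor_ok and remember_location:
        base.locations.add(ctx.location)
    return second_factor_ok

# Constructed sample data mirroring the Veronica scenario above.
veronica = Baseline(time(9, 0), time(17, 0), {"Portland, OR"})
office = LoginContext(time(10, 30), "Portland, OR", wifi_secured=True)
trip = LoginContext(time(20, 0), "Schenectady, NY", wifi_secured=False)
```

Because only the location is learned after a successful step-up, a later login from the same place on an open network outside working hours still raises two flags and requires 2FA again.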
Once added steps such as calling the IT department are eliminated, this method of access control is exceptional, the random trip to Schenectady notwithstanding. All in all, Contextual Authentication is pretty rad, and I expect to see it become the primary means of access control in the near future.