What do smartphones and corporate credit cards have in common? Very soon, both will be monitored by employers in an effort to detect abnormal or otherwise suspicious patterns of activity. In the age of bring-your-own-device (BYOD) policies, companies are turning to techniques like these to manage access from smartphones and tablets to their internal systems and to confirm the identities of the people using them.
Intel estimates that almost 30,000 employee mobile devices access its systems daily. To keep that growing crowd under control, the chip maker's IT department early this year adopted a new approach to mobile device authentication that uses what's known as the "granular trust model."
When an employee attempts to log in to company applications from a mobile device, the system takes into consideration where the user is, what device he's using and what the employee is trying to access — basically calculating a "risk rating" for the request. Using a trust calculation, the technology determines whether the requested level of access is appropriate. So far, 9,000 devices are using Intel's trusted application portal, which allows users to access applications and supports the granular trust model. That number is growing weekly.
"Credit card companies look at my patterns as a buyer and how far out of those normal patterns I am, and they may send me a fraud alert," says Malcolm Harkins, vice president and chief security and privacy officer at Intel. "We want to do the same things over time with our compute infrastructure and leverage the patterns of where you're at and what you're trying to do — what device you're on and to some extent what you've done before as a way to manage the risk and enable the user. We're at the beginning stages of that journey."
Growing and diverse security threats, along with the proliferation of personal mobile devices in the workplace, are pushing IT departments to find unique approaches to identity and access management. So far this year, there's been strong demand for products with strong multifactor authentication and federated or single sign-on capabilities in the $4.8 billion identity and access management (IAM) systems market, which is expected to grow to almost $6.4 billion by 2016, according to IDC. The research firm calls these types of offerings "bring your own identity" systems.
"We're seeing a shift from impressed to expressed identity," says IDC analyst Sally Hudson. "The devices [we] use tell about the behaviors we choose to exhibit and define us in various settings. So you can collect a rich identity profile on somebody just by being able to profile what they access most often, their geolocation, what products they buy, what services they use and their social connections."
Sign up for CIO Asia eNewsletters.