ISR divides threats that a typical enterprise faces into two types, direct threats and indirect threats. Direct threats include firewall attacks, Web attacks and DMZ attacks which are either random or advanced persistent threats.
Another significant direct threat that many enterprises are currently facing is the illegal use of its IT systems by its end users. To deal with this threat, enterprises are investing a lot on sophisticated authentication in order to protect from a breach of confidential information. With the increase of cloud service deployment together with a mobile workforce, the cost efficiency is becoming lower and lower. Meanwhile, extra layer of authentication makes the system less user-friendly and the increasing IT support request adds more and more pressure on the IT support department.
To help enterprises get out of this dilemma, we are proud to introduce our risk based authentication technology to combat direct threats while at the same time balancing the usability and security of cloud services.
ISR's risk based authentication is a real-time authentication that guards your cloud services each and every access. The software-based deployment is invisible to end users thus the usability is barely affected. A typical user access via risk based authentication is as below:
Multi-Factor Authentication
ISR's risk based authentication is a multi-factor authentication, there are three layers of information that our database will gather to determine risk and assign authentication:
The network layer: IP Address, Mac Address, Proxy, VPN, etc
The individual layer: Session Summary, System Access time and frequency, Keystroke pattern, etc
Dynamic and Self-Learning
ISR's risk based authentication is a smart authentication. Risk determination and the assigned authentication type are based not just on static information, but user behavior is also taken into consideration. The individual's system usage pattern, such as the access time, frequency, dwell time and out-of-duty time are all used for risk assessment. We also deploy keystroke authentication technology as an additional layer to make our risk based authentication service dynamic and proven.
ISR divides threats that a typical enterprise faces into two types, direct threats and indirect threats. Direct threats include firewall attacks, Web attacks and DMZ attacks which are either random or advanced persistent threats.
