It has been a long established conceit that two actor authentication is essential for secure remote access scenarios. Anyone who has accessed private networks from the internet is familiar with the concept in one form or another. Whether the additional factors include Smart Badges, Security Tokens, Soft Certificates (encrypted code downloaded to a device to identify it as genuine), or a combination of the above, using two factor authentication has become a familiar and even expected part of our computing security routine and rightfully so. Two Factor Authentication has been so effective at reducing information compromise that many services are quickly adapting its safeguards for internal use as well. We have all read the alarmingly increasing
…show more content…
The EFG is the core access gateway for many Lockheed Martin solutions that are available to external users. Adaptive Authentication, like many of the applications in the EFG, utilize Claims Based Authentication using Enterprise Business Services’ long established Federation solution to send user credentials to the solution provider. During the process, two factor authentication is enforced via the gateway, and Adaptive Authentication observes the access behavior, combing for evidence, and evaluates that evidence to find fraudulent behavior such is where from or when the user is accessing the solution. If a discrepancy is discovered, the user is flagged and prompted for a verification code that the user must respond to from their own pre-registered mobile device or land line in order to complete the authentication process. This additional hardware verification is difficult to compromise without access to the legitimate user’s cell phone or landline. This type of multi factor strategy involving phone verification is already in use by many popular financial institutions to deter fraud. However, the innovation is not in what Adaptive Authentication and our implementation of it does but is in how it does …show more content…
history last holiday season, Adaptive Authentication had been operating in the EFG environment in a non-enforcement mode effectively watching and reviewing authentications but without responding. During this review period, the adaptive engine was learning normal login behaviors from thousands of users internationally evaluating and logging specific criteria related to the individual user. It is in this way that Adaptive Authentication gets its name. The system is able to create then continuously update a profile for each individual user creating a baseline rating. Later, as authentication attempts build, and behaviors change, a variance to the baseline is generated and scored. This elevated “Risk Score” is what prompts the system to take additional action so as to focus its resources only on suspicious behavior and not against the literally hundreds of thousands of legitimate authentication attempts processed regularly by the EFG. This solution represents an intelligent response to fraudulent access attempts. By monitoring and learning from all access attempts, it can detect fraud even if legitimate credentials and associated PKI technology have been compromised, thus reducing Lockheed Martin’s risk of data compromise and its aftermath, which has reportedly cost U.S. corporations billions of dollars in
The EFG is the core access gateway for many Lockheed Martin solutions that are available to external users. Adaptive Authentication, like many of the applications in the EFG, utilize Claims Based Authentication using Enterprise Business Services’ long established Federation solution to send user credentials to the solution provider. During the process, two factor authentication is enforced via the gateway, and Adaptive Authentication observes the access behavior, combing for evidence, and evaluates that evidence to find fraudulent behavior such is where from or when the user is accessing the solution. If a discrepancy is discovered, the user is flagged and prompted for a verification code that the user must respond to from their own pre-registered mobile device or land line in order to complete the authentication process. This additional hardware verification is difficult to compromise without access to the legitimate user’s cell phone or landline. This type of multi factor strategy involving phone verification is already in use by many popular financial institutions to deter fraud. However, the innovation is not in what Adaptive Authentication and our implementation of it does but is in how it does …show more content…
history last holiday season, Adaptive Authentication had been operating in the EFG environment in a non-enforcement mode effectively watching and reviewing authentications but without responding. During this review period, the adaptive engine was learning normal login behaviors from thousands of users internationally evaluating and logging specific criteria related to the individual user. It is in this way that Adaptive Authentication gets its name. The system is able to create then continuously update a profile for each individual user creating a baseline rating. Later, as authentication attempts build, and behaviors change, a variance to the baseline is generated and scored. This elevated “Risk Score” is what prompts the system to take additional action so as to focus its resources only on suspicious behavior and not against the literally hundreds of thousands of legitimate authentication attempts processed regularly by the EFG. This solution represents an intelligent response to fraudulent access attempts. By monitoring and learning from all access attempts, it can detect fraud even if legitimate credentials and associated PKI technology have been compromised, thus reducing Lockheed Martin’s risk of data compromise and its aftermath, which has reportedly cost U.S. corporations billions of dollars in