The inadequacies of usernames and passwords are well known. Clearly, a more secure form of authentication is needed. One method is to bake authentication into a user’s hardware. Intel is moving in that direction with the Authenticate solution in its new, sixth-generation Core vPro processor. It can combine a variety of hardware-enhanced factors at the same time to validate a user’s identity.
Intel has built on previous efforts to dedicate a portion of the chipset for security functions to make a device part of the authentication process. Good authentication requires three things from users: what they know, such as a password; who they are, such as a username; and what they have, such as a token. In the case of Authenticate, the device becomes the what-you-have.
Hardware authentication can be particularly important for the Internet of Things (IoT) where a network wants to ensure that the thing trying to gain access to it is something that should have access to it.
Once someone’s username and password are compromised, whoever has them can waltz onto a network and engage in all kinds of malicious behavior. That behavior can trigger a red flag to system defenders if they’re employing user behavior analytics (UBA). The technology uses big data analytics to identify anomalous behavior by a user.
Visibility into activity that does not fit the norm of the legitimate user can close a blind spot in the middle of the attack chain. “If you think of the attack chain as initial penetration, lateral movement, and then compromise, theft, and exfiltration of sensitive data, the middle links in that attack chain have not been very visible to enterprise security pros, and that’s why the interest in user behavior analytics today,” Crawford said.
Comparing a user’s present behavior to past behavior isn’t the only way UBA can identify a malicious actor. “There’s something called ‘peer analysis’,” explained Steven Grossman, vice president for program management at Bay Dynamics, a threat analytics company. “It compares how someone is behaving compared to people with the same manager or same department. That can be an indicator that the person is doing something they shouldn’t be doing or someone else has taken over their account.”
`3. Deep learning
Deep learning encompasses a number of technologies, such as artificial intelligence and machine learning. “Regardless of what it’s called, there a great deal of interest in it for security purposes,” 451’s Crawford said.
“When you’re looking at activity on the enterprise network, there’s behavior that’s not user behavior but is still malicious. So even if it’s looking at behavior, it’s looking at a slightly different application of behavioral analytics.”
Use of machine learning can help stamp out the bane of advanced persistent threats, added Kris Lovejoy, president of Acuity Solutions, maker of an advanced malware detection platform. “With its ability to decipher between good and bad software, at line speed, machine-learning technologies will offer a significant boon to security practitioners who seek to decrease time to advanced threat detection and eradication,” she said.
These 3 innovations should help you get the upper-hand in cyber security. Anything we missed? Which technologies do you suggest will move the needle on information security? Weigh in via the comments section below.