Enable dynamic provisioning with Gurucul Identity Analytics.
Imagine using a risk score to determine whether to grant a user access to an application, a system, a device. Wouldn’t it be a huge time-saver if you could auto-approve low risk access requests instead of manually granting such requests? On the flip side, wouldn’t it be great to automatically ensure that privileged access requests require multiple approvals?
With our Identity Analytics platform, our customers are changing their provisioning workflows to use automation instead of manually provisioning access. They are eliminating the typical approval process that most other organizations need to go through.
A primary driver around an identity analytics solution is to eliminate friction for users of consumer-facing applications. By risk-scoring users, their access devices and other factors, our customers eliminate the need for authentication via passwords, biometrics, etc.
Machine learning-based behavior analytics extracts context from big data, rather than relying on simple rule and policy-based security controls. This allows continuous monitoring of user behavior during a session to dynamically assess and adapt risk scores to enable real-time responses to anomalies.
For example, if a user with a low-risk reputation initiates an application session from a recognized location with a known device, the run-time risk score would fall into a green/safe zone. As a trusted user, pass-through access would be granted without the need for any authentication.
If the same user then begins exhibiting abnormal behaviors such as accessing unusual information, conducting anomalous transactions, etc., their real-time risk score would increase. Once a user exceeds pre-set thresholds and reaches the red/high-risk zone, automatic access responses are initiated. This includes enforcing MFA, locking the account, etc.
How Does Risk Analytics Gather User Behavior and Risk Score?
Gurucul Risk Analytics aggregates data from various sources including security solutions, IT Infrastructure components, network logs, application access and transactional audit logs, mobile devices, and more. It then uses predictive analytics to identify any deviation or abnormal activity during a user’s application and data navigation.
Calculate a real-time risk score on the basis of user outlier behavior percentage, resident user risk and reputation; and data or transaction risk classification.
This enables organizations to enhance the user experience based on user behavior patterns. Typically, 60% of users fall in the low-risk category. Here, organizations can leverage simplified security controls including no password, fingerprint or biometric authentication.
Simplify your security operations right now with Dynamic Provisioning. Contact us to learn more.