A blog post I wrote last month about how a well-run enterprise BYOD program can make employees more productive and loyal made a reference at the end to “contextual authentication,” an analytics-based security procedure designed to eliminate annoying multifactor techniques that slow down employees and tempt them to violate security policies.
But contextual authentication is worth exploring in more depth because of its potential usefulness in enabling employee productivity while providing strong protections for mobile devices and data. Information Age‘s Ben Rossi performs this service in a column about boosting mobile security and productivity.
After delving into a long list of problems related to “prohibitive security access controls” such as alphanumeric passwords and multiple requests for user credentials on small mobile screens, Rossi lays out the case for contextual authentication:
Contextual authentication can play a significant role in allowing authorised users secure data access on their mobile device, but in a way that removes the friction from the log-in process and gives users fast and convenient access to their apps and data.
A contextual authentication-based system constantly records and analyses various background factors based on the device’s current use versus the context of how it has been typically used in the past – such as the device’s location, its time of use, or proximity to other devices.
Should the contextual analysis determine that specific employees previously have used their devices in a similar manner, authentication can be reduced to a simple step such as a PIN code or biometric sign-in. Variables that can impact the contextual analysis include where and when employees typically try to access data and services from their devices.
By eliminating one-size-fits-all secure access procedures, contextual authentication allows enterprises to require the right level of authentication, ensuring employee productivity isn’t hindered by unnecessary levels of mobile access.
Is your enterprise using contextual authentication for mobile employees?