Use Case:
Access Management Utilization of Risk Data

Access Management has integration with Fraud and Risk system. This integration allows access management to determine the authentication flow based on a risk profile. If zero to small risk, let the user authenticate seamlessly, if larger risk make the authentication process more secure (MFA, potentially fails authentication all together).

Scenario

Access Management utilizes risk data in the authentication process.

Actions

Access Management Utilization of Risk Data Actions.

– Click for larger image –

Success Criteria

  1. End user is able to access the Access Management portal and the desired protected application when appropriate .
  2. If the end user is found to have a risk status as defined above they are additionally challenged or rejected as appropriate based on their risk level.

IDSA Security Controls

Risk-based Authentication

Authentication based on risk posture derived from at least one risk engine (Cloud Access Security Broker, Fraud & Risk, UEBA, SIEM).

Risk-based Governance

Access enforcement based on risk posture derived from at least one risk engine (Cloud Access Security Broker, Fraud & Risk, UEBA, SIEM).