| Security Control | Risk-based Authentication |
|---|---|
| Description | Authentication of a user is based on a risk posture derived from at least one risk engine (Cloud Access Security Broker, Fraud & Risk, UEBA, SIEM). |
| Components and Required Capabilities | Fraud & Risk |
| Best Practice Recommendation | For authentication, consider implementing a Single Sign-On (SSO) solution early in the maturity of the program, as it provides big wins by letting core access be removed quickly on a termination. External SaaS applications and cloud-based vendor/third-party apps can be integrated into SSO with federation services. Once SSO is deployed and functional, augment it with more sophisticated SSO and MFA scenarios, for example SSO based on context authentication, risk score and policy-based access control. |
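
One way the context, risk-score and policy-based decision in the recommendation above could be evaluated, as an added example that is not part of the original control description. The 0-100 score scale, thresholds, context weights, application names and the `decide` function are all assumptions made for illustration.

```python
from dataclasses import dataclass

# Engines named in the control description; scores assumed normalised to 0-100.
ENGINES = {"casb", "fraud_risk", "ueba", "siem"}
# Hypothetical per-application thresholds (policy-based access control).
POLICY = {"wiki": {"step_up": 60, "deny": 90},
          "payroll": {"step_up": 30, "deny": 70}}
DEFAULT_POLICY = {"step_up": 30, "deny": 70}  # unknown apps get the strict tier
MAX_SIGNAL_AGE_S = 300  # assumed freshness window for an engine verdict


@dataclass
class Signal:
    engine: str
    score: int  # 0 = no risk, 100 = highest risk
    age_s: int  # seconds since the engine produced the score


def decide(app, signals, context):
    """Return (decision, reasons); decision is 'allow', 'step_up' or 'deny'."""
    policy = POLICY.get(app, DEFAULT_POLICY)
    fresh = [s for s in signals
             if s.engine in ENGINES and 0 <= s.score <= 100
             and 0 <= s.age_s <= MAX_SIGNAL_AGE_S]
    if not fresh:
        # The control needs at least one risk engine: without a usable
        # score, require MFA rather than silently allowing.
        return "step_up", ["no fresh risk-engine signal"]
    worst = max(fresh, key=lambda s: s.score)  # most pessimistic engine wins
    score, reasons = worst.score, [f"{worst.engine} score {worst.score}"]
    # Context raises the score (weights are illustrative assumptions).
    if not context.get("managed_device", False):
        score, reasons = score + 20, reasons + ["unmanaged device"]
    if context.get("new_location", False):
        score, reasons = score + 15, reasons + ["new location"]
    score = min(score, 100)
    if score >= policy["deny"]:
        return "deny", reasons
    if score >= policy["step_up"]:
        return "step_up", reasons
    return "allow", reasons


if __name__ == "__main__":
    # Constructed sample: quiet UEBA score, payroll app, unmanaged device.
    print(decide("payroll", [Signal("ueba", 10, 20)], {"managed_device": False}))
```

Returning the reasons alongside the decision gives the SSO layer something to log for each step-up or deny, which makes threshold tuning auditable.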