Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPS

ERIC LABADIE, VP Global Sales and Channels, Guardian Analytics, Inc., at the European IRM Summit 2014.

  • Be the first to comment

USING BEHAVIOR TO IMPROVE SECURITY AND ENHANCE RELATIONSHIPS

  1. 1. Protecting Your Customers and Your Business Identity Management and Behavioral Analytics Eric LaBadie, Vice President, Customer Sucess
  2. 2. Guardian Analytics Proven at Hundreds of Companies  Pioneered individual behavioral analytics to fundamentally change fraud prevention/security  Patented technology  25 million accounts protected  Trillions in assets protected  2 billion sessions protected  National and community banks Leading Security Technology "Guardian Analytics…has a proven and effective fraud detection risk-scoring engine." Partnered with ForgeRock  Increase protections of user accounts  Combine identity relationship management with analysis of user behavior "Guardian Analytics possesses one of the clearest visions for how to tackle fraud management.”
  3. 3. Our Challenge Today Criminals More Effective Than Ever At Targeting Users  Control email accounts  Usernames/passwords  Personal information  Bank account information  Spoof devices, location Online Malware Social Engineering Phishing Email Takeover Breaches © 2014 Guardian Analytics, Inc. Confidential 3
  4. 4. Bad News: Bad Actors Successfully Hide Behind Good Credentials Customer-facing web apps Cloud Apps Internal & External Financials Bad Actors Data stores Cloud apps On-prem apps Corporate Apps and Systems Access Legitimate Credentials Controls Compromised Customer Compromised Employee Malicious Employee Compromised or malicious 3rd parties
  5. 5. Good News: Bad Behavior Always Stands Out User behavior Device/IP Information Authentication & MFA Application Access Administrative Activities Day and Time Access Legitimate Credentials Controls  Each user has a unique behavioral fingerprint  User behavior changes with malicious activity • Account takeover • Malicious insiders  Behavioral anomalies are completely detectable Compromised Customer Compromised Employee Malicious Employee Compromised 3rd parties
  6. 6. Guardian Analytics and OpenAM - Real-time Detection of Unauthorized Access or Misuse User Centric Behavioral Analytics Identity Access Management a Compromised Customer Compromised Employee Malicious Employee Compromised 3rd parties • Country • City • State • Language • OS/Browser • Screen Resolution • Plugins • Font List • Sign-On ID • Device Type • Provider • IP Type • Last Login • Login Times • Date/time • Encoding • Timezone 1. User attempts to login 2. OpenAM collects login data 3. Securely sends to GA Hardened SSL
  7. 7. How Behavioral Analytics Works Behavioral Analytics Individual Population-level User Centric Behavioral Analytics • Country • City • State • Language • OS/Browser • Screen Resolution • Plugins • Font List • Sign-On ID • Device Type • Provider • IP Type • Last Login • Login Times • Date/time • Encoding • Timezone Identity Access Management a Reputation Data Behavioral Analytics  Is access from an expected machine configuration?  Is this a potentially compromised account?  Is it a suspicious IP address?  Is it a suspicious device?  Is the user in a typical location or following a typical travel pattern?  Is the application access at an expected time or frequency  Are profile or authorization changes unusual?
  8. 8. Using Behavioral Analytics to Drive Risk-Based Authentication Behavioral Analytics Individual Population-level Behavioral Analytics Reputation Data Identity Access Management 4. GA evaluates risk posed by the user - No tuning or rules are required 5. Risk level returned to OpenAM Hardened SSL User Centric a 6. Low risk level – no intervention 7. High risk level triggers One Time Password
  9. 9. Benefit of Combined Solutions Customers Employees 3rd Parties (Vendors, partners, contractors) Manage and Control who users are and what they can do Analyze that users are who they say they are and doing what they are supposed to do Identity Relationship Security Creates Trust & Confidence Extend relationships and engagement (information, services, devices, etc.) without increasing risk Management Behavioral Analytics and Anomaly Detection
  10. 10. Real-time OpenAM-Guardian Analytics integrated solution Demonstration
  11. 11. Thank You

    Be the first to comment

    Login to see the comments

  • lpacalin

    Jan. 5, 2016

ERIC LABADIE, VP Global Sales and Channels, Guardian Analytics, Inc., at the European IRM Summit 2014.

Views

Total views

1,219

On Slideshare

0

From embeds

0

Number of embeds

4

Actions

Downloads

44

Shares

0

Comments

0

Likes

1

×