Security

5 Things Government Agencies Should Know About Continuous Authentication

Get the facts about this active monitoring authentication method.

Joel Snyder, Ph.D., is a senior IT consultant with 30 years of practice. An internationally recognized expert in the areas of security, messaging and networks, Dr. Snyder is a popular speaker and author and is known for his unbiased and comprehensive tests of security and networking products. His clients include major organizations on six continents.

Continuous authentication is a tweak to traditional authentication methods, turning log-in-at-the-start authentication into more active monitoring. The usual goal is to reduce the security risk from stolen or borrowed credentials or malware-infected workstations.

Here are five things to know about this authentication method.

What Is Continuous Authentication?

After users log in and are authenticated, they are monitored continuously to verify that the person sitting in front of a workstation is the correct one. The main techniques are biometric monitoring (such as face and voice recognition or eye and fingerprints scans) and anomaly detection (tracking typing patterns, device fingerprints or behavioral changes).

Click the banner below to see how authentication contributes to zero trust.

How Does Continuous Authentication Work with My Apps and Users?

Continuous authentication requires support, both at the user workstation and at the application layer. On the workstation side, this can mean a web browser plug-in or, more commonly, a small agent that needs direct access to the user’s hardware (such as on-device cameras, microphones and keyboards) or operating system configuration. On the application side, either minor application changes or the addition of a proxy or some other network instrumentation can complete the security chain between user and data center.

How Does Continuous Authentication Affect the End-User Experience?

The effect can be large or innocuous. If continuous authentication is checking device parameters such as the presence of an anti-malware process or whether a USB key is inserted, users may not perceive the difference between continuous authentication and normal mobile device management tools. On the other hand, if the on-device LED is constantly on or if the application logs out when a user’s hair falls in front of her eyes, people will notice what’s going on.

How Are Zero Trust and Continuous Authentication Related?

Zero trust means trusting no one until a user is fully authenticated. For many enterprises deploying zero trust, authentication isn’t just a username and password or multifactor authentication but may include other metrics: location, application requested, endpoint status, time of day and more. This approach of adding risk-based metrics, usually evaluated only during the authentication process, can be extended and augmented to include continuous authentication as an additional technique to reduce risk.

Where Does Continuous Authentication Fit Within Government?

As a tool to reduce the risk of malware and infected workstations, continuous authentication may be appropriate for staff using sensitive applications, such as financial software, citizen records or federally protected information. New software development kits and plug-in tools coming onto the market may offer government IT teams an opportunity to reduce risk and product maintenance costs by consolidating and strengthening continuous authentication for everyone at the same time.

GETTY IMAGES: ROSADU (BIOMETRIC FACE), THINKNEO (FIVE)