Remote and hybrid work environments have brought about drastic changes in the corporate landscape and how data and devices are handled. With Bring Your Own Device (BYOD) gaining more popularity, users want to access both business and personal applications from multiple devices.
Add to that the complexity of the new age network infrastructure with multi-vendor solutions that include the use of both on-prem and cloud services. Though this flexibility is beneficial to users, it does pose serious security risks for a network. Traditional authentication and authorization processes are no longer enough to keep your network secure. Especially with data breaches and cyber thefts becoming more robust, the network security ecosystem is becoming increasingly complex.
There is a need for a more sophisticated system of authentication and monitoring that allows you to have a better understanding and visibility of all the devices and users connecting to your network. In this article, we will explain what device identity context is and how it can help improve your network security. To understand this, let’s first look at what identity context and context-based authentication are and how they help enforce zero-trust architecture.
Identity Context and Context-Based Authentication
The conditions and circumstances observed when a user or a device is trying to access a network are the identity context. Examples of identity context are various ranges of activities and behavior such as:
- User preferences
- Sites that you frequently browse
- The IP addresses and locations of your most-used devices
- Purchase behavior
- Typing speed
- The mobile phones and computers that you use
- The places that you regularly go to, like residences, offices, and restaurants
- The person or people that are your most frequent contacts
- Your music and other entertainment preferences
One of the best examples of using identity context is how your music app gives you a list of songs based on your previous usage history. These, of course, depend on some form of artificial intelligence to determine this.
Though, as a concept, identity context is fairly old, it is only recently that some organizations have been trying to deploy it to improve their network security. Understanding the behavior and usage patterns, or identity context, helps you get better visibility over your network. It allows you to ascertain that the user or the device at the other end is authorized and not someone maliciously trying to breach your network.
The question that you may have is how this information can help you to secure your network. When you have an identity context attached to every device or user, it becomes easier to detect and prevent any activity that is not in sync with the identity context. A managed RADIUS that uses device identity context lets you dynamically detect and stop any suspicious activity before it can move laterally or access your entire network.
Device Identity Context
Device identity context or machine identity context refers to the information regarding a device that is collected when a user accesses your network using a particular device. This information, like make and model, type of device (managed or BYOD), firewall, and antivirus that are active in the device, constitutes the device identity context.
This information is instrumental in improving your network security. Instead of using a blanket authentication method, you can now customize the type of authentication method that can provide the appropriate level of authentication assurance.
Device identity context also helps you determine the device trust used in making critical decisions about what level of access can be granted and which device can be trusted to what degree. For example, a BYOD device will have limited access compared to a managed device. A device used by the network administrator will use a multi-factor authentication method to provide an additional degree of security.
Modern businesses have witnessed an influx of a varied range of devices used by end-users. The use of BYOD further complicates the landscape as there are now devices that use different platforms.
The risk factor involved is no longer limited to just user risk, so role-based access control alone is not enough. To get better visibility and for easy management of devices in your network, device identity context becomes the foundation for developing better network security.
Okta Device Context
Okta, as a part of its development toward a contextual access management framework, has developed Okta Device Context. Okta Device Context helps with the implementation of app-level policies that ultimately help with facilitating a passwordless experience.
It provides all the possible information about the device type and state. This, in turn, helps in making policy decisions like what authentication method will best suit which devices to access the Okta-managed applications.
Under Okta Identity Engine (OIE), Device Context includes, in its purview, Okta Devices and Device Trust. The set of services and features that ingrains Okta on all devices for a company for better visibility of all the devices accessing Okta is what is referred to as Okta Devices.
Device Trust enables integration with Enterprise Mobility Management (EMM) solutions to facilitate the relevant context for managed devices. Device Trust and Okta Devices together help with making contextual access decisions.
Some of the key benefits of Okta Device Context are:
- The Okta Universal Directory provides better visibility of the user and device binding
- It provides better access control over sessions and devices
- It provides better device analysis which helps in strengthening app-level policy implementation with:
- Using Okta Verify for registration
- Providing EMM status for both managed and unmanaged BYOD
- Endpoint Detection and Response (EDR) Signals
Improve Device Identity Context for Better Network Access Control
As discussed in the previous section, device identity context consists of key attributes related to the device that helps in deploying the authentication method most secure for the machine. The better visibility afforded to the device attributes also helps with better decision-making in terms of the level of access granted to each machine. This is instrumental in policy implementation as instead of applying a standard set of policies for all, you can now customize the policies per the machine identity context for more robust network security.
Device Identity context can be instrumental in implementing Network Access Control (NAC) more efficiently simply because identity-based access management and zero-trust network architecture, the two core components of NAC, benefit greatly when machine identity context is applied. It provides a piece of detailed and relevant information that can help with policy-making as well as the implementation of these policies through NAC.
Zero-trust network architecture as a security philosophy simply means never trust, always verify. It requires that users and devices are constantly monitored, and access by each machine or user is limited to the necessary resources and applications only.
Machine identity context provides all the relevant data to monitor and compare the user/machine behavior. This helps identify any behavior that is not in sync, and with the help of dynamic RADIUS, you can immediately terminate any access that is suspicious. It also helps define the level of access to applications and other resources.
Passwords are bad for network security, and a network is as secure as the method of authentication used to verify the identity before granting access. Using an X.509 certificate can help mitigate the risks of password-based authentication in your enterprise network. However, the strength of a certificate is determined by the attributes defined in the certificate.
Machine identity context also helps better define the attributes of a certificate template. A certificate template contains in it the attributes like network policies and level of access that ultimately help in directing a machine or a user to the most appropriate network VLAN it is authorized to access. Device Identity context provides all the relevant information needed to make these decisions.
SecureW2 Solutions for an Enhanced Network Security Experience
Network Security as a concept is complex owing to the fact that its strength is determined by the way each complement is designed within the network. With all kinds of devices coming under your company network infrastructure purview, especially with BYOD and users logging in using multiple devices, designing a network infrastructure that meets all the security requirements becomes a complex task.
However, for the health of your network and to protect your organization from any malicious intrusion, you need an infallible network that gives you maximum visibility over each and every device connecting to the network.
Device identity context or machine identity context can help you get better visibility and control over all your devices by giving you a better understanding of their behavior. SecureW2 is an industry-leading company for network security that believes in continual innovation to give you an added edge and protection from potential network attacks. Click here to learn about our pricing.