Making the case for context-aware security

Making the case for context-aware security

In the federal government, security always trumps user convenience.  But blanket security policies sometimes send employees looking for workarounds, putting agencies at risk.

Context-aware security policies could benefit both IT managers and users by adjusting the level of security to individual access requests, according to 97 percent of 150 federal IT and security professionals recently surveyed by Dell.

Context-aware security replaces static access processes with an approach that evaluates the context surrounding each access request and adapts security requirements accordingly, delivering the appropriate level of real-time security based on a changing threat landscape. While nearly 100 percent of IT professionals surveyed recognize the benefits a context-aware security approach would bring, only 28 percent said their organizations have fully embraced this approach. More than 60 percent indicated that lack of awareness about context-aware security is the greatest barrier to adopting it in their organization.

Besides providing more convenience to users and tightening access, context-aware security helps organizations assess and prioritize threats based on potential level of harm and gain visibility into the context when assessing risk.

“Context-aware security gives IT the ability to adjust the [security] dial in real-time, giving users the convenience they desire without resorting to risky workarounds,” said John Milburn, Dell Security's executive director and general manager, Identity and Access Management. It gives “the security team the confidence they need to keep the organization both safe and productive.”

While several similar surveys of government IT personnel have identified funding as the top barrier to  implementing necessary standards or reforms, it was second in Dell’s survey following the lack of awareness of the need for context-aware security.  Lack of knowledgeable people and inability to access tools were also listed as barriers.

About the Author

Mark Pomerleau is a former editorial fellow with GCN and Defense Systems.

Featured

  • business meeting (Monkey Business Images/Shutterstock.com)

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (Shutterstock.com)

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected