using behavior to improve security and enhance relationships
DESCRIPTION
ERIC LABADIE, VP Global Sales and Channels, Guardian Analytics, Inc., at the European IRM Summit 2014.TRANSCRIPT
Protecting Your Customers and Your BusinessIdentity Management and Behavioral AnalyticsEric LaBadie, Vice President, Customer Sucess
Guardian Analytics
Proven at Hundreds of Companies
Pioneered individual behavioral analytics to fundamentally change fraud prevention/security
Patented technology
25 million accounts protected
Trillions in assets protected
2 billion sessions protected
National and community banks
Leading Security Technology
"Guardian Analytics…has a proven and effective fraud detection risk-scoring engine."
"Guardian Analytics possesses one of the clearest visions for how to tackle fraud management.”
Partnered with ForgeRock
Increase protections of user accounts
Combine identity relationship management with analysis of user behavior
3
Our Challenge Today Criminals More Effective Than Ever At Targeting Users
Control email accounts Usernames/passwords Personal information Bank account information Spoof devices, location
Email Takeover
Phishing
Social Engineering
OnlineMalware
Breaches
© 2014 Guardian Analytics, Inc. Confidential
Cloud Apps
Bad News: Bad Actors Successfully Hide Behind Good Credentials
FinancialsData stores
Internal & External Bad Actors
Cloud apps
On-prem apps
Customer-facing web apps
Corporate Apps and Systems
Legitimate Credentials
Access
Controls
Compromised Employee
Compromised or malicious 3rd parties
Malicious Employee
Compromised Customer
Good News: Bad Behavior Always Stands OutUser behavior
Device/IPInformation
Authentication & MFA
Application Access
Administrative Activities
Day and Time
Access
ControlsLegitimate Credentials
Each user has a unique behavioral fingerprint
User behavior changes with malicious activity• Account takeover• Malicious insiders
Behavioral anomalies are completely detectable
Compromised Employee
Compromised 3rd parties
Malicious Employee
Compromised Customer
Guardian Analytics and OpenAM - Real-time Detection of Unauthorized Access or Misuse
Identity AccessManagement a
User CentricBehavioral Analytics
Compromised Employee
Compromised 3rd parties
Malicious Employee
Compromised Customer
• Country• City• State• Language• OS/Browser• Screen
Resolution• Plugins• Font List• Sign-On ID• Device Type• Provider• IP Type• Last Login• Login Times• Date/time• Encoding• Timezone
1. User attempts to login
2. OpenAM collects login data
3. Securely sends to GAHardened SSL
How Behavioral Analytics Works
Individual
Population-level
Behavioral Analytics
Identity AccessManagement a
User CentricBehavioral Analytics
• Country• City• State• Language• OS/Browser• Screen
Resolution• Plugins• Font List• Sign-On ID• Device Type• Provider• IP Type• Last Login• Login Times• Date/time• Encoding• Timezone
ReputationData
Behavioral Analytics Is access from an expected
machine configuration? Is this a potentially
compromised account? Is it a suspicious IP address? Is it a suspicious device? Is the user in a typical
location or following a typical travel pattern?
Is the application access at an expected time or frequency
Are profile or authorization changes unusual?
Individual
Population-level
Behavioral Analytics
ReputationData
Using Behavioral Analytics to Drive Risk-Based Authentication
Identity AccessManagement
4. GA evaluates risk posed by the user - No tuning or rules are required
5. Risk level returned to OpenAM
Hardened SSL
a
User CentricBehavioral Analytics
6. Low risk level – no intervention
7. High risk level triggers One Time Password
Benefit of Combined Solutions
Customers
Employees
3rd Parties(Vendors, partners,
contractors)
Manage and Control who users are and what they can do
Analyze that users are who they say they are and doing what they are supposed to do
Extend relationships and engagement (information, services, devices, etc.)
without increasing risk
Security Creates Trust & Confidence
Identity Relationship Management
Behavioral Analytics and Anomaly Detection
Real-time OpenAM-Guardian Analytics integrated solution
Demonstration
Thank You