A World War II-era military intelligence technique has become an important element in modern efforts to boost IT security. The ability to identify distinctive keystroke patterns is part of a security strategy known as adaptive access control.
Army Signal Corps officers discovered that “dots” and “dashes” of intercepted Nazi telegraph transmissions had distinctive speeds and rhythms. Using a method known as “The Fist of the Sender,” the Allies were able to identify the unique typing styles of individual enemy telegraph operators. This enabled them to triangulate signals and trace the operators’ movements across the continent — thus tracking the movement of specific military units.
The same basic concept is now generally referred to as “keystroke dynamics.” It is one of several behavioral patterns that adaptive access control solutions use to build unique user profiles to fortify network security.
Defining Good Behavior
Adaptive access controls monitor and analyze user behaviors to develop a profile of the individual or device attempting to access a system. Using machine learning, adaptive access control can detect subtle changes in the way a password is typed, the way a mouse is moved, or how users pinch, zoom and swipe the screen on a mobile device — behaviors that are virtually impossible to replicate.
When suspicious behavior is detected, a number of actions can be taken automatically. The user could be required to enter another form of authentication, or an administrator could receive an alert that would necessitate a call to the user for verification.
Adaptive access control is seeing broad adoption as organizations seek to bolster mobile device security without hampering employee productivity or the customer experience. Gartner predicts that half of all workforce access management systems will incorporate behavior analytics by 2024.
This technology is enticing because it relieves users from the hassle of multifactor authentication (MFA). MFA reduces reliance on passwords by requiring a combination of verification factors, but it requires users to enter a PIN or biometric identifier or use a mobile app. By learning a user’s behaviors, adaptive access controls provide a second authentication factor without forcing users to carry, insert or remember something else.
It also allows IT to track and quantify the risk associated with each access attempt, and apply more granular controls. For example, access to financial data might require more robust authentication than access to a public-facing website.
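The following added example (not code from the original article or from any product) sketches how a typing-rhythm profile and a per-resource risk threshold could drive the automatic actions described above. It substitutes a simple z-score comparison for the machine learning the article mentions; the timing data, resource names and thresholds are constructed assumptions.

```python
from statistics import mean, stdev

# Constructed enrollment data: inter-key intervals (ms) recorded during five
# earlier typings of the same password by the legitimate user.
ENROLLED = [
    [110, 95, 140, 120, 105],
    [115, 90, 150, 118, 100],
    [108, 99, 138, 125, 110],
    [112, 93, 145, 122, 103],
    [118, 97, 142, 116, 107],
]

# Hypothetical policy: the deviation score tolerated for each resource.
# Financial data demands a closer match than the public-facing website.
THRESHOLDS = {"public-website": 6.0, "financial-data": 2.5}
ALERT_SCORE = 10.0  # hypothetical: at or above this, notify an administrator


def build_profile(samples):
    """Per-position (mean, standard deviation) of the timing intervals."""
    columns = zip(*samples)
    # Floor the deviation at 1 ms so a very consistent typist does not
    # produce a near-zero divisor.
    return [(mean(c), max(stdev(c), 1.0)) for c in columns]


def deviation_score(profile, attempt):
    """Mean absolute z-score of one typing attempt against the profile."""
    if len(attempt) != len(profile):
        return float("inf")  # wrong keystroke count can never match
    return mean(abs(t - m) / s for t, (m, s) in zip(attempt, profile))


def decide(profile, attempt, resource):
    """Return 'allow', 'step-up' (ask for another factor) or 'alert'."""
    score = deviation_score(profile, attempt)
    if score >= ALERT_SCORE:
        return "alert"
    # Unknown resources fall back to the strictest threshold (fail closed).
    limit = THRESHOLDS.get(resource, min(THRESHOLDS.values()))
    return "allow" if score <= limit else "step-up"


if __name__ == "__main__":
    profile = build_profile(ENROLLED)
    slightly_off = [125, 105, 158, 132, 115]  # constructed attempt
    for resource in THRESHOLDS:
        print(resource, decide(profile, slightly_off, resource))
```

The same slightly unusual typing attempt is allowed through to the public website but triggers a second authentication factor for financial data, which is the granular, risk-scored behavior the article describes.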
Adaptive access control falls into a category of security tools known as risk-based authentication. A related technology known as user and entity behavior analysis (UEBA) collects data on the activities of users, devices and the systems they access, then analyzes that data to spot anomalous behavior. If a user logs in from an unusual location or at an unusual time of day, for example, the UEBA system may block access or restrict the user’s privileges for that session.
Risk-based authentication is about more than user convenience — it also provides greater protection against growing mobile device threats. A Verizon study found that cyberattacks involving mobile and IoT devices increased 22 percent in the last year.
These threats are driving rapid uptake of risk-based authentication. According to a recent study by Okta, adoption of risk-based access controls increased 147 percent in the past two years.
Passwords alone are no longer sufficient for authenticating users — nearly three-quarters of all confirmed network intrusions involve weak, default or stolen passwords. However, users can quickly become frustrated with MFA requirements. Adaptive access control removes some of the burden from users while improving authentication, making it an attractive option for enhancing network security.