Security Think Tank: High levels of control require detailed security intelligence

How should business approach context-aware security technologies and what will be the business benefit?

The need for context-aware security is driven by the rapid rise of mobile computing and BYOD in particular, writes Adrian Wright. Traditional one-size-fits-all security policies and controls are no longer adaptive and granular enough to deal with the multitude of different devices connecting into and between corporate networks.

Nowadays, broader application intelligence needs to integrate with context-aware security infrastructure to provide security unobtrusively while still allowing user mobility.

Being able to trace what is happening from the mobile endpoint to the datacentre at the application level – and having visibility of the identities and status of devices connecting into the network – are both key factors in thwarting increasingly sophisticated types of attacks.

Beyond this, context needs to include metadata about the user, the organisation and their role-based permissions, plus when, how and what they are accessing. And that’s a lot of information to be gathered and assimilated, even before you start building your context-aware infrastructure.

Unfortunately it does not stop there; true context-aware and adaptive security must also take into account real-time threat information, levels of relative trust, as well as risk, based on the assets being accessed and used.

I can foresee a point where the metadata and intelligence needed to operate a fully context-aware security architecture will begin to rival the quantity of the actual data being processed. This might be somewhat overstating the case at this time, but the key point here is that the highly granular levels of control sought require equally detailed security intelligence to set up and operate such infrastructures.

The question of whether and how we can accumulate and compile such a compendium of security intelligence is, for me, the most crucial one to address.

So in answering the questions: I suggest businesses begin by asking themselves if the scale of mobile computing, the spread of BYOD and the levels of inherent risk exposure all combine to justify the probable costs of building and operating context-aware security infrastructure.

Also verify your capability to compile and keep current the detailed inventory of devices and information on users, roles, applications, risk levels and trust needed to make your security control granular and adaptive enough to justify the outlay.

If so, business benefits will come from improving user mobility and ease of use while at the same time protecting valuable information and reducing security administration overheads.

Adrian Wright is vice-president of research for ISSA-UK
