NEW TECH: How ‘adaptive multi-factor authentication’ is gaining traction via partnerships

By Byron V. Acohido

Tel Aviv, Israel-based Silverfort continues to make inroads into proving the efficacy of its innovative approach to multi-factor authentication, or MFA, in corporate settings.

Related: Why a ‘zero-trust’ approach to security is necessary

One recent validation comes from two long established, and much larger cybersecurity vendors – Check Point and Palo Alto Networks – that have recently begun integrating Silverfort’s innovative MFA solution into their respective malware detection and intrusion prevention systems.

Silverfort is the brainchild of a band of colleagues who toiled together in the encryption branch of Unit 8200, the elite cybersecurity arm of the Israeli military.

The co-founders took heed of the limitations companies faced in deploying MFA to protect sensitive systems without unduly hindering productivity. They recognized that rising complexities as business networks underwent digital transformation made MFA cumbersome, and sometimes even impossible, to deploy.

That was the problem company Co-Founder and CEO Hed Kovetz, and his fellow military compatriots set out to solve in the commercial arena upon discharge from Unit 8200 a few years ago. I met with Kovetz and Silverfort’s VP of Market Strategy, Dana Tamir, at Black Hat USA 2018. For a full drill down, please listen to the accompanying podcast. A few big takeaways:

Umbrella approach

There is no question that requiring a user logging into a sensitive asset to prove who he is – by affirming something unique in the user’s possession — adds a robust layer of protection. Silverfort’s innovation is a delivery system that enables this added measure of authentication to be delivered across many complex, dynamic systems on an as-needed basis. This includes cloud services, mobile platforms, IoT devices and hybrid networks.

Instead of trying to protect each unique asset with a standalone MFA system, Silverfort takes an umbrella view of all authentications occurring across an organization’s entire network. Silverfort’s agentless technology gains an understanding of the normal usage pattern of every user, and deploys MFA on an as needed-basis, in real time, without installing software agents or making changes to user endpoints, servers or protected applications.

Kovetz

“We can assess whether or not it is the real user before we even trigger multi factor authentication,” Kovetz says. “We protect all the users, while improving user experience, because we require Multi Factor Authentication only when there is a reason to.”

Real-time decisions

This approach is referred to in cybersecurity circles as “adaptive” Multi Factor Authentication.

“Once we have that visibility across the entire organization, we can analyze users’ activities and react, in real time, to any abnormal activity,” Tamir says. “We can also take in alerts from third party security solutions like Check Point, Palo Alto Networks, and others, and step up authentication in response to the risk-level those solutions identify.”

Silverfort has a growing list of partners who are eager to tap into their unique solution. As Kovetz puts it, “We have this opportunity to partner with well-established vendors and leverage their alerts to respond with automated, real time authentication decisions.”

According to Kovetz, the typical practice for a security solution is do one of two things: block the user or issue an alert. Since many security solutions use behavioral and statistical analysis to detect threats, there are many false positives. “If you block the users, you run the risk of reducing productivity if, in fact, you end up blocking a legitimate user (a false positive)” he says. “If you send an alert, you don’t really prevent the threat, you just report on it. And there is a risk that true positive alerts will be ignored.”

Silverfort has set out to give security vendors a third option. Kovetz paints the picture:

“Let’s say Palo Alto Networks detects bot activity from one of the devices in the network. Instead of automatically blocking it or issuing a passive alert, Multi Factor Authentication can be triggered to ask the user, ‘is it really you?’” he says.

It becomes a quick step for any legit user to authenticate. When and if an MFA attempt fails, the access request is denied. “These are the ones where the users couldn’t prove their identity; these are the true positives that you really want to further investigate,” Kovetz says.

Holistic authentication

As digital transformation continues to spread, increasing the speed and flexibility of innovation, but also increasing complexity and risk, deploying MFA effectively will prove to be increasingly important.

It has been anything but easy for large enterprises to enforce strong authentication security across all their disparate assets, be it cloud services, IOT devices, or legacy systems. Silverfort hopes to help change all that.

“The real breakthrough here is the fact that we can trigger Multi Factor Authentication for every user, every device and in every environment,” Kovetz offers. “We now have this opportunity to create authentication policies that are far more sophisticated and more holistic than Multi Factor Authentication ever used to be.”


(Editor’s note: LW has supplied consulting services to Silverfort.)

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someone