IBM Security Gives Cloud Identity an AI Boost

IBM Security is using artificial intelligence (AI) to boost its cloud-based identity and access management service. IBM Security is using artificial intelligence (AI) to boost its cloud-based identity and access management service. The vendor first developed this AI technology for the financial services industry more than 10 years ago, and today it extended it to customers in all sectors. IBM Cloud Identity now uses AI-based adaptive access capabilities that help continually assess employee or consumer user risk levels when accessing applications and services. It flags suspicious user interactions for further authentication, and those identified as lower risk are “fast tracked” so they can access applications and services more quickly. “One of the things we’ve seen over the years has been that more security requirements have been pushing additional stronger forms of user authentication to end users’ businesses,” said Jason Keenaghan, director of IBM Security. These companies “want to have a better sense of who users are that they are engaging with on this digital channel, so they’ve started putting up additional roadblocks in the way to keep the bad users out. But in the process they’ve been adding a lot of digital friction into that experience as well.” IBM Cloud Identity’s new adaptive access capability “will allow businesses to be able to optimize both their security access and their end users’ experience,” he added. IBM used its existing online fraud-detection capabilities as the basis for the new capability. This technology, called IBM Trusteer, uses AI and machine learning (ML) to identify authorized — and unauthorized — access and activities across devices. It assess users based on a fraud evidence database, fraudulent pattern analysis, and cross-organizational patterning. More than 500 financial organizations already use Trusteer, and it runs more than 40 billion application accesses monthly and more than 1 billion monthly user sessions. The new service uses Trusteer, and it assigns a user behavior scored base on the level of trust or risk assessed for each user. IBM Security differentiates from other identity and access management vendors by assessing across five factors to determine this score, Keenaghan said. “We are taking in information about the user, information about the device, information about the resource they are trying to access, information about their environment, and then behavioral information as well, and combining all five of those context attributed together to come up with a trust score or risk score that’s associated with that particular action,” he explained. For example, using AI, the system can detect irregular mouse movements or flag a user trying to login from a browser infected with keylogging malware. Once it uses AI to assign risk levels, only users considered to pose a higher threat are prompted to go through multifactor authentication or denied access. By only prompting specific users to further verify their identification, rather than all users, enterprises may reduce operational expenses related to items such as two-factor authentication and help desk password resets, IBM says, pointing to a Forrester report that found organizations across industries allocated more than $1 million per year to password-related support alone. The new service also makes it easy for enterprises’ developers to add this adaptive access policies to their applications via a low-code deployment option, Keenaghan said. This allows developers to create and apply these policies to applications and APIs with little or no development effort and without changing the application. “Organizations can, by setting configuration policies, immediately get the benefits of adaptive access without having to do any coding at all,” he said. “But then for other applications where they might want to do more of a continuous authentication throughout the life of an application and custom coding, we have a really simple SDK they can use.”