You’ve Taken That Out of Context

posted on Friday, November 13, 2009 9:14 AM

Hello and Welcome to the new hit Game Show: You’ve Taken that Out of Context! Hilarity ensues in this action packed half-hour when contestants try to deliver the appropriate resources to end users depending on several factors and circumstances. So let’s get right to it: Our first contestant is Danny, an IT Director from Boston and he’s getting his first request…..OK, user is coming from a home computer, without a certificate, from a broadband connection and is a partner – what are you going to give them Danny? Wow, Excellent! You’ve provided a simple web application, delivered through a reverse proxy so he can enter his time & materials expense report. Great decision, Danny! Our next contestant hails from Chicago and runs a data center for a large manufacturer, please welcome Greg. Whoop, here comes Greg’s request…..User is a trusted employee in sales needing to enter customer info, using an IT issued laptop with specific reg-keys and updates but working from a wireless network. How you going to handle it Greg? Nice move! Offering them not only their specific order entry application that’s optimized but also giving them a connection to Exchange so they can download their email to stay current. Sweet – keeping users productive while on the road – great work. And our last contestant comes from Texas where he’s the Network Engineer for a distribution company – round of applause for Tom! Alright Tom, let’s see your request. It’s coming fast, user is a vendor who needs to see inventory levels. They are coming from their corporate LAN on an IT issued computer and does have a certificate for certain applications. Whatcha gonna do Tom? A full Layer 3 network connected tunnel? Well, let’s see. They get connected, they are navigating to their favorite app, so far so good, and logging in, cool. Wait, what’s this – the user has initiated a sniffer and found some financial docs. Oh no! He’s downloading the latest financial statements that aren’t public! That spreadsheet has much of our sensitive data but it’s too late, they are long gone along with your data. Sorry Tom, a little too generous with that but you do get a copy of our home game where players act out partial scenes and you have to guess the context! Thanks for playing.

User Centric or Contextual Aware Computing is finally starting to gain some traction partially driven by cloud computing. User Centric or Contextual Based networking is simply Adaptive Access using intelligence to dynamically change the security applied to a specific access request based on the context of that request, the resources being accessed and the policy applied between the two. The goal is to provide a unified method of applying security and delivering applications regardless of the actual security in effect, the network or the device being used to request access. It’s access security based on user, device, location and integrity both at the time of the request and the duration of access. It provides intelligence, adaptability and auditability for every user, every time. It is about the environment or conditions surrounding an event and informs us about it. With that information, we may perceive something differently which might change our view and maybe our decisions. It’s about seeing the bigger picture and making better decisions by comparing the information we have about the request along with the requirements of the application and policies in place to deliver the proper access. Garner calls this the ‘Digital Me.’

Gartner predicts that by 2012, there will be more than 7.3 billion networked devices worldwide and 298 million subscribers of location-based services. This is more than just delivering secure applications, it’s also about delivering the right resources to the right user at the right time. More than ever users are dispersed all over the globe, arriving from a multitude of devices and networks while requesting access and information from your systems. You need to offer the proper access to that user in a quick, secure and efficient manner with the proper controls. You need to make the right decisions based on that moment of information as we move from Identity (user/password with some customization) based to Contextual (Identity plus a whole lot more) based delivery models. You need to ensure that no-one is coming in or taking anything out, without context.

#21 out of 26 Short Topics about Security
previous stories: 20, 19, 18, 17, 16, 15, 14, 13.5, 13, 12, 11, 10, 9, 8, 7, 6, 5, 4, 3, 2, 1

Related Blogs

Posted In: Cloud Computing, Security, SSL VPN, Information security, mitigation, client security, social media, social networks, twitter, peter silva, context, contextual aware, user centric, decision, game show, granular, control, identity, sso, f5,

Add Comment

Feedback

No comments posted yet.

Let Me Know What You Think

Please use the form below if you have any comments, questions, or suggestions.

Title:

Name:

Email: (so we can show your gravatar)

Website:

Comment: Allowed tags: blockquote, a, strong, em, p, u, strike, super, sub, code

Remember Me?

Enter the code shown above:

Please add 4 and 4 and type the answer here:

		February, 2012 (2)
		January, 2012 (6)
		December, 2011 (5)
		November, 2011 (6)
		October, 2011 (14)
		September, 2011 (10)
		August, 2011 (11)
		July, 2011 (5)
		June, 2011 (7)
		May, 2011 (13)
		April, 2011 (5)
		March, 2011 (6)
		February, 2011 (14)
		January, 2011 (10)
		December, 2010 (6)
		November, 2010 (9)
		October, 2010 (8)
		September, 2010 (26)
		August, 2010 (17)
		July, 2010 (4)
		June, 2010 (5)
		May, 2010 (8)
		April, 2010 (13)
		March, 2010 (16)
		February, 2010 (4)
		January, 2010 (3)
		December, 2009 (6)
		November, 2009 (3)
		October, 2009 (6)
		September, 2009 (6)
		August, 2009 (7)
		July, 2009 (2)
		June, 2009 (1)
		May, 2009 (3)
		April, 2009 (2)
		March, 2009 (3)
		February, 2009 (2)
		January, 2009 (7)
		November, 2008 (1)
		October, 2008 (1)
		August, 2008 (1)
		November, 2007 (1)