Risk Based Conditional Access from Workspace ONE Access plus Workspace ONE Intelligence

Mar 12, 2020
James Millington

Author:

James Millington is Director of Product Marketing at VMware End User Computing, working with customers and partners globally to deliver solutions that drive digital transformation with Workspace ONE. He has previously led the healthcare sector product marketing for all VMware solutions with a focus on improved provider productivity leading to improved patient care. Prior to joining VMware, James held product marketing and product management positions at Imprivata and Citrix. James holds an MBA from Oxford Brookes University in the UK.


Recent research tells us that the employee experience is critical for organizations to attract the best talent and therefore be at their most competitive, deliver the highest revenue growth and the best customer and employee satisfaction. Delivering the best employee experience by enabling device choice and work-from-anywhere strategies then has to be matched with an equally forward-thinking approach to security. Zero Trust is seen as the goal line for modern IT security strategies, supporting user flexibility while improving on today’s legacy perimeter-based products and approaches.

At VMworld 2019 and recently at RSAC 2020, VMware laid out a vision for intrinsic security, transforming what were points of vulnerability into security controls.

Today, as part of the Workspace ONE path to zero trust, two of the key elements in that path are coming together. Customers with cloud-hosted Workspace ONE Access will be able to integrate Workspace ONE Intelligence risk scores with the authentication decisions made by Workspace ONE Access as the user signs in.

Risk scores can be calculated in Intelligence utilizing data about that user, their devices and behavior including:

• Does this user keep their device OS up-to-date?

• Does this user regularly download apps?

• Does this user download risky apps?

• Does the user keep device security features enabled?

Intelligence can also compare information to other users in their environment – for example, this Windows device is running the OS version 10.0.9926 which is older than 99% of the OS versions on other Windows devices.

This information can then be utilized as an authentication condition within Workspace ONE Access. Risk scores are assigned as Low, Medium or High, and each can be assigned one of three states: Allow Access, Step-Up Authentication or Deny Access. An organization may choose to assign Low to allow access, Medium to step-up authentication and High to deny access.

The Risk Score can then be incorporated into the authentication component of the access policy definition – for example:

If a user’s network range is ALL RANGES

And the user is accessing content from iOS

Then the user may authenticate using MOBILE SSO (for iOS) & Risk Score

 

Depending on the setting (allow, step-up or deny) assigned to each risk score level, risk will then be factored into the authentication.
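The rule above can be modelled as a small decision function. This is an added example, not VMware or Workspace ONE code; the `Rule` and `evaluate` names, the first-match ordering, and the deny defaults for a missing score or an unmatched rule are assumptions made for illustration.

```python
# Added illustration: a minimal model of the rule above, not Workspace ONE code.
import ipaddress
from dataclasses import dataclass, field

ALLOW, STEP_UP, DENY = "Allow Access", "Step-Up Authentication", "Deny Access"

# The example assignment from the article: Low -> allow, Medium -> step-up, High -> deny.
DEFAULT_RISK_ACTIONS = {"Low": ALLOW, "Medium": STEP_UP, "High": DENY}


@dataclass
class Rule:
    networks: list            # CIDR strings; "0.0.0.0/0" models ALL RANGES (IPv4)
    device_type: str          # e.g. "iOS"
    auth_method: str          # label only, e.g. "Mobile SSO (for iOS)"
    use_risk_score: bool = True
    risk_actions: dict = field(default_factory=lambda: dict(DEFAULT_RISK_ACTIONS))

    def matches(self, ip, device_type):
        addr = ipaddress.ip_address(ip)
        in_range = any(addr in ipaddress.ip_network(n) for n in self.networks)
        return in_range and device_type == self.device_type


def evaluate(rules, ip, device_type, primary_auth_ok, risk_level):
    """Return the access decision for one sign-in; the first matching rule wins."""
    for rule in rules:
        if not rule.matches(ip, device_type):
            continue
        if not primary_auth_ok:
            return DENY                      # risk never replaces the primary method
        if not rule.use_risk_score:
            return ALLOW
        # Assumption: a missing or unrecognised score fails closed to Deny.
        return rule.risk_actions.get(risk_level, DENY)
    return DENY                              # assumption: no matching rule means no access


# Constructed policy mirroring the iOS rule in the article.
POLICY = [Rule(["0.0.0.0/0"], "iOS", "Mobile SSO (for iOS)")]

if __name__ == "__main__":
    for level in ("Low", "Medium", "High", None):
        print(level, "->", evaluate(POLICY, "203.0.113.7", "iOS", True, level))
```

Making the missing-score case an explicit deny is the design choice to check in any real deployment, since a score that silently defaults to allow removes the control whenever the scoring feed is unavailable.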

 

You can find more information on how Workspace ONE is making security intrinsic to the platform versus using single tools with silos, including integration of Intelligence with Carbon Black, in this new blog from Andreano Lanusse. Andreano also has a new video on Techzone digging into more detail on Risk Analytics. Maya Shiran also has a new blog explaining user risk scoring in more detail.

And if you’re new to Access, you can also download the ebook or start your technical path to Workspace ONE Access through VMware Techzone.