Your IP: Unknown · Your Status: ProtectedUnprotectedUnknown
Risk-based access control

Risk-based access control

Risk-based access control definition

Risk-based access control is a type of access control that uses dynamic risk assessment to calculate the risk of certain transactions. Companies and individuals can implement risk-based access control in two ways – basic and strong risk-access control.

If a company is using basic risk-based access control, it will allow its employees or users to log into its network to get general access. After gaining general access, users and employees can then log into other resources that are considered riskier. So, a user will need to log in every time they want to access different systems, networks, or other resources.

Strong risk-based access control uses even more parameters to allow access, including user roles, the type and owner of the used device, the time when a certain resource is accessed, what a user is accessing, and what the user is doing with the data they get.

See also: unauthorized access, broken access control

Risk-based access control challenges

  • Risk of someone stealing an authorized user’s credentials and using them to get access to a network or system.
  • Risk of users or employees stealing data directly from the internal network without raising any security alerts.
  • Using smartphones to log into networks or systems can be easily hacked and compromised.

Further reading

Ultimate digital security

We value your privacy

This website uses cookies to provide you with a safer and more personalized experience. By accepting, you agree to the use of cookies for ads and analytics, in line with our Cookie Policy.