context-aware security

Context-aware security is the use of situational information (such as identity, geolocation, time of day or type of endpoint device) to improve information security decisions.

Context-aware security requires knowledge of who the user is, what the user is requesting, how the user is connected, when the user is requesting information and where the user is located. The goal is to prevent unauthorized end users or insecure computing devices from being able to access corporate data. Such an approach might allow an end user to browse the network from inside the office, for example, but deny access if the end user is trying to connect with public Wi-Fi.

One analogy that is often used to explain context-aware security is a door with a lock. A standard security door would simply require a key to open the door's lock. By comparison, a context-aware security door would behave differently in different scenarios. For example, a man in the United States might require a key to open the door, while a man in the United Kingdom would only need to know a secret password.

Context-aware security has become more important in the past few years because of the risks associated with IT consumerization and cloud computing

See also: context-aware network access control


This was last updated in October 2013

Continue Reading About context-aware security

Dig Deeper on Identity and access management