Context is an essential element in everything we do. Context is what helps us make decisions. Imagine you’re sitting outside having lunch and you hear a loud rumbling. You may ask yourself, “Was that just a loud truck driving by or an approaching storm?” You look up and see dark clouds. Still could be a truck. Then the wind starts to blow and the rain begins and you know it’s time to seek shelter. The combination of information provides the context required to make a decision.
It’s the same in business. Say a device is trying to access financial data on your network. You need context to know if this is an employee or a threat. The device belongs to an employee based in the U.S., but it’s connecting from Japan. Authentication controls and identity governance provide information to prove that employee is legitimate. Device management confirms that the laptop the employee is using has the latest security updates. Data security provides additional information about who can access financial resources. Network microsegmentation limits this employee’s use to these types of resources.
All of these security disciplines provide different information to (securely) connect that employee with the data they need to do their job. So why, with all these layers of protection, are we still experiencing expensive breaches?
The Difference Between Information and Context
Individually, each of these disciplines provides valuable information about what is happening. However, this information on its own is not enough to verify the legitimacy of this request or make a decision regarding access.
It’s important to note here the differences between information and context. While reliant on one another, information and ..
Support the originator by clicking the read the rest link below.
