context-aware security definition

This definition is part of our Essential Guide: Managing information security amid new threats: A guide for CIOs
Contributor(s): Bridget Botelho

Context-aware security is the use of situational information (such as identity, geolocation, time of day or type of endpoint device) to improve information security decisions.

Context-aware security requires knowledge of who the user is, what the user is requesting, how the user is connected, when the user is requesting information and where the user is located. The goal is to prevent unauthorized end users or insecure computing devices from being able to access corporate data. Such an approach might allow an end user to browse the network from inside the office, for example, but deny access if the end user is trying to connect with public Wi-Fi.

One analogy that is often used to explain context-aware security is a door with a lock. A standard security door would simply require a key to open the door's lock. By comparison, a context-aware security door would behave differently in different scenarios. For example, a man in the United States might require a key to open the door, while a man in the United Kingdom would only need to know a secret password.

Context-aware security has become more important in the past few years because of the risks associated with IT consumerization and cloud computing

See also: context-aware network access control


This was first published in October 2013

Continue Reading About context-aware security



Find more PRO+ content and other member only offers, here.



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

File Extensions and File Formats

Powered by: