context-aware security

This definition is part of our Essential Guide: Managing information security amid new threats: A guide for CIOs
Contributor(s): Bridget Botelho

Context-aware security is the use of situational information (such as identity, geolocation, time of day or type of endpoint device) to improve information security decisions.

Context-aware security requires knowledge of who the user is, what the user is requesting, how the user is connected, when the user is requesting information and where the user is located. The goal is to prevent unauthorized end users or insecure computing devices from being able to access corporate data. Such an approach might allow an end user to browse the network from inside the office, for example, but deny access if the end user is trying to connect with public Wi-Fi.

One analogy that is often used to explain context-aware security is a door with a lock. A standard security door would simply require a key to open the door's lock. By comparison, a context-aware security door would behave differently in different scenarios. For example, a man in the United States might require a key to open the door, while a man in the United Kingdom would only need to know a secret password.

Context-aware security has become more important in the past few years because of the risks associated with IT consumerization and cloud computing

See also: context-aware network access control


This was last updated in October 2013

Continue Reading About context-aware security



Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.


File Extensions and File Formats

Powered by: