Express Computer

Beyond the login: Why “identity-first” security is leaking data and why “context-first” is the fix


By Vijender Yadav, CEO and Co-founder of Accops

For the better part of a decade, the cybersecurity industry has rallied behind a single, unifying mantra: “Identity is the new perimeter.” It was a necessary evolution from the traditional castle-and-moat architecture. Enterprises invested heavily in Identity and Access Management (IAM), deployed Single Sign-On (SSO), and enforced Multi-Factor Authentication (MFA) universally. The assumption was simple: if a user could successfully pass biometric checks and prove who they were, the data was secure.

However, the rapid commoditisation of AI and the industrialisation of cybercrime have shattered this assumption.

The uncomfortable truth emerging from recent high-profile breaches is that identity-first security—when operating in isolation—is leaking data. Threat actors have evolved; they are no longer just trying to break down the door; they are cloning the keys. The reliance on static authentication events has created a dangerous blind spot. To close this gap, the architectural philosophy must shift from isolated IAM controls to a unified strategy that fuses identity with Zero Trust Network Access (ZTNA) and Virtual Desktop Infrastructure (VDI).

The Arms Race: Deepfakes vs. Liveness Detection

The identity landscape is currently locked in a technological arms race. On one side, organisations are moving towards passwordless authentication—using facial recognition, fingerprints, and FIDO keys to verify users without the friction of passwords. On the other side, attackers are leveraging Generative AI to create sophisticated deepfakes.

These are not just video recordings; they are “synthetic identities” capable of mimicking human behaviour in real-time. Standard facial recognition often looks for geometric matches—distance between eyes, shape of the nose. Deepfakes can replicate this perfectly, turning video verification into a vulnerability rather than a safeguard.

To counter this, modern security must implement advanced “Liveness Detection”. It is no longer enough to match a face to a database; the system must analyse micro-expressions and texture to ensure the face belongs to a live human presence, not a digital puppet. Yet, even with these safeguards, betting the entire security posture solely on verifying who the user is remains a risky strategy.

Why? Because most modern attacks, such as session token theft and Adversary-in-the-Middle (AiTM) attacks, occur after the login. The biometric check was valid, the liveness check passed, but if the device itself is compromised, the attacker inherits that trust.

The Missing Link: From Identity to Context

To stop these leaks, security must move beyond the “Who” (Identity) and interrogate the “Where,” “What,” and “How” (Context). This requires a shift from static gates to Continuous Adaptive Trust.

Context is not a single data point; it is a composite score derived from real-time telemetry. To effectively plug data leaks, organisations must orchestrate three technologies that have historically operated in silos:

  1. Contextual MFA: Identity remains the starting point, but it must be situationally aware. A login from the office might only require a fingerprint, while a login from a new device might trigger a full biometric liveness check.
  2. Zero Trust Access: Unlike a VPN that connects a user to the network, ZTNA creates a “dark cloud” where applications are invisible to the public internet. Crucially, before making any connection, it checks endpoint compliance. Is the antivirus running? Is the OS patched? If a valid identity tries to access critical data from a risky device, the connection is blocked before it is even established.
  3. VDI: This is the planned contingency for high-risk or high-value roles. Rather than granting VPN access to unmanaged devices, organisations can provision virtual desktops for specific users (such as vendors or executives). This ensures that when the device is untrusted, the data remains isolated in the data centre.

The Power of Convergence: The “Pivot” Strategy

Implementing a “Context-First” approach means these technologies must talk to each other. The rigid lines between VDI, ZTNA, and IAM must blur into a unified secure workspace policy.

Consider the “Unmanaged Device” dilemma—a scenario that typically forces CISOs to choose between security and productivity. A senior executive needs to approve a sensitive transaction while travelling, using a personal tablet at an airport.

  • Identity Check: The user passes the biometric check. The “Who” is verified.
  • Context Check: The ZTNA engine detects the device is unmanaged and the network is public. The “Risk” is High.

In a traditional setup, security would essentially have to block this access. However, for a user with this specific role, the organisation can enforce a pre-configured contingency. Instead of granting direct network access (where data travels to the tablet), the system directs the session into a provisioned, isolated container (VDI). The executive gets a secure window to approve the transaction. They can view the data, but “copy-paste” and “download” functions are disabled.

This is granular, attribute-based access control in action. It allows organisations to define distinct access paths based on risk—blocking the general workforce on unmanaged devices, while safely enabling critical personnel via isolation technologies.
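
The access paths described above can be written as a small policy decision function. This is an added example, not code from the article or from any product; the role names, risk levels and field names are assumptions.

```python
from dataclasses import dataclass, replace

# Assumption: roles with a pre-provisioned virtual desktop (hypothetical names).
VDI_ROLES = frozenset({"executive", "vendor"})

@dataclass(frozen=True)
class Context:
    identity_verified: bool  # outcome of MFA / liveness check (the "who")
    role: str
    device_managed: bool     # enrolled corporate endpoint
    av_running: bool         # posture reported by the endpoint agent
    os_patched: bool
    network: str             # "office" or "public"

@dataclass(frozen=True)
class Decision:
    path: str                # "direct", "vdi" or "block"
    clipboard: bool
    download: bool
    reason: str

def risk(ctx: Context) -> str:
    """Composite risk from device and network signals (constructed scoring)."""
    if not ctx.device_managed or not (ctx.av_running and ctx.os_patched):
        return "high"
    return "low" if ctx.network == "office" else "medium"

def decide(ctx: Context) -> Decision:
    """Called on every request, so a posture change after login changes the result."""
    if not ctx.identity_verified:
        return Decision("block", False, False, "identity not verified")
    level = risk(ctx)
    if level != "high":
        return Decision("direct", True, True, f"{level} risk: direct ZTNA session")
    if ctx.role in VDI_ROLES:
        return Decision("vdi", False, False, "high risk: isolated desktop session")
    return Decision("block", False, False, "high risk: no isolation path for role")

# Constructed sample contexts.
EXEC_AIRPORT = Context(True, "executive", False, False, False, "public")
STAFF_AIRPORT = replace(EXEC_AIRPORT, role="staff")
STAFF_OFFICE = Context(True, "staff", True, True, True, "office")
STAFF_AV_OFF = replace(STAFF_OFFICE, av_running=False)  # same session, later request

if __name__ == "__main__":
    for name in ("EXEC_AIRPORT", "STAFF_AIRPORT", "STAFF_OFFICE", "STAFF_AV_OFF"):
        print(name, decide(globals()[name]))
```

The last sample shows why the decision is re-evaluated per request: a session that was granted direct access is blocked once the endpoint stops reporting a compliant posture, even though the identity check has not changed.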

The Strategic Imperative for CIOs

For technology leaders, this convergence is not just a technical upgrade; it is a strategic necessity for compliance. Frameworks like the Digital Personal Data Protection (DPDP) Act require organisations to implement “reasonable security safeguards”. Relying solely on passwords or basic biometrics when technology exists to assess device health and behavioural risk may no longer meet the threshold of “reasonable”.

The future of workspace security lies in decoupling data from the device and decoupling access from the network. By layering contextual intelligence over biometric identity, and enforcing it through ZTNA and VDI, enterprises create a multidimensional shield. The industry must stop asking “Is this the right user?” and start asking “Is this the right context for this data?” That is the only way to move beyond the login and secure the digital enterprise.
