08 Aug User Permissions and Two Factor Authentication
Permissions for users and two-factor authentication are a vital element of a robust security system. They help reduce the risk of malicious or accidental insider activities, minimize the impact of data breaches and help ensure compliance with regulatory requirements.
Two-factor authentication (2FA) requires a user to enter credentials from two distinct categories to sign into an account. This could be something the user is familiar with (password PIN code, password, security question) or a document they have (one-time verification code sent to their phone or authenticator app) or something they have (fingerprint or face scan).
Most often, 2FA is a subset of Multi-Factor Authentication (MFA) which includes many more elements than surgery technology two. MFA is a requirement in certain industries, such as healthcare banks, ecommerce, and healthcare (due to HIPAA regulations). The COVID-19 pandemic has also added a new urgency for companies that require two-factor authentication for remote workers.
Enterprises are living organisms and their security infrastructures are always evolving. Users have roles that change, hardware capabilities are evolving, and complex systems are now at the fingertips of users. It is essential to periodically review your two-factor authentication method at regular intervals to ensure that it is able to keep up with these changes. One way to do this is to use adaptive authentication. This is a kind of contextual authentication that triggers policies based on how, when and where a login request is received. Duo offers a centralized administrator dashboard that lets you easily set and monitor these kinds of policies.
No Comments