User Permissions and Two Factor Authentication
Two factor authentication are an essential part of a solid security infrastructure. They help reduce the risk of insider threats or accidental data breaches, and also ensure compliance with regulatory requirements.
Two-factor authentication (2FA) requires a user to input credentials from two different categories to log into an account. This could include something the user is familiar with (password or PIN code security question) or something they already have (one-time verification passcode sent to their phone or an authenticator app) or something they are (fingerprint or face scan).
2FA is usually a subset to Multi-Factor Authentication which includes more than two components. MFA is a requirement in certain industries such as healthcare banking, ecommerce, and healthcare (due to HIPAA regulations). The COVID-19 pandemic has also increased the importance of security for organizations that require two-factor authentication.
Enterprises are living things and their security infrastructures are constantly changing. New access points are developed every day, users switch roles, hardware capabilities evolve and complex systems enter the fingertips of everyday users. It is crucial to review the two-factor authentication methods regularly to ensure that they are keeping up with the latest developments. Adaptive authentication is a method to achieve this. It’s a type of contextual authentication, which creates policies based on date, time and location at which a login request is received. Duo provides a central administrator dashboard which allows you to easily monitor and set these types of policies.