User permissions and two-factor authentication are essential components of a solid security infrastructure. They lower the risk of malicious insider activity or accidental data breaches and ensure compliance with regulations.
Two-factor authentication (2FA) requires users to enter credentials from two distinct categories to be able to log into an account. It could be find here something the user is familiar with (password or PIN code, security question), something they have (one-time verification passcode sent to their mobile or an authenticator app) or something they’re (fingerprint or face scan).
Most often, 2FA is a subset of Multi-Factor Authentication (MFA) which includes many more factors than just two. MFA is a requirement in certain industries such as healthcare banking, ecommerce, and healthcare (due to HIPAA regulations). The COVID-19 virus outbreak has also increased the importance of security for companies that require two-factor authentication.
Enterprises are living organisms and their security infrastructures are always evolving. Users have roles that change, hardware capabilities are evolving and complex systems are now accessible to users. It is important to review your two-factor authentication strategy regularly to make sure that it can keep up with these changes. One way to do this is to use adaptive authentication. This is a form of contextual authentication that will trigger policies based on how the login request comes in. Duo provides an administrator dashboard that allows you to easily monitor and manage these types of policies.
