User permissions and two factor authentication are an essential part of a solid security infrastructure. They can reduce the chance of malicious insider attacks or accidental data breaches, and help ensure regulatory compliance.
Two factor authentication (2FA) is a procedure where a user must enter a credential from two categories to log into their account. This could include something that the user knows (password, PIN code, security question) or a document they have (one-time verification code sent to their mobile or an authenticator app) or something they have (fingerprint or face scan).
Most often, 2FA is a subset of Multi-Factor Authentication (MFA) that has many more factors than just two. MFA is a requirement for certain industries, such as healthcare banking, ecommerce, and healthcare (due to HIPAA regulations). The COVID-19 pandemic also given new urgency to security for companies that require two-factor authentication for remote workers.
Enterprises are living beings and their security infrastructures are always evolving. New access points are created every day, users are assigned roles and hardware capabilities are constantly evolving. complex systems enter the hands of users every day. It’s important to regularly reevaluate your two-factor authentication method at scheduled intervals to ensure it’s up to date with the changes. Adaptive authentication is a method to accomplish this. It’s a type of contextual authentication, which triggers policies depending on the time, place and how the login request is handled. Duo provides a central administrator dashboard that allows you to easily set and monitor the policies of these kinds.
