A solid security infrastructure is built on the user’s permissions and two-factor authentication. They help reduce the risk of malicious or accidental insider activity, reduce the impact of data breaches, and ensure compliance with regulatory requirements.
Two-factor authentication (2FA) requires a user to enter credentials from two distinct categories to log into an account. It could be something the user knows (password or PIN code, security question) or a document they have (one-time verification passcode sent to their phone or an authenticator app) or something they’re (fingerprint facial, face, retinal scan).
Often the 2FA is a subset of Multi-Factor Authentication (MFA) which is comprised of many more factors than just two. MFA is usually a requirement in certain industries, including healthcare (because of strict HIPAA regulations) as well as ecommerce and banking. The COVID-19 epidemic has also increased the importance of security for companies that require two-factor authentication.
Enterprises are living organisms and their security infrastructures are constantly changing. Users change roles and hardware capabilities are evolving and complex systems are now in the hands of users. It is crucial to review the two-factor authentication methods at regular intervals to ensure they keep up with these changes. Adaptive authentication is one way to accomplish this. It’s a type of contextual authentication that creates policies based on time, location and when a login request is received. Duo offers an administrator dashboard that lets you easily manage and set these types of policies.
