User Permissions and Two-Factor Authentication

A solid security infrastructure is built on user permissions and two-factor authentication. Together they help reduce the risk of accidental or malicious insider threats, limit the impact of data breaches, and ensure compliance with regulatory requirements.

Two-factor authentication (2FA) is a process that requires the user to present credentials from two different categories in order to log in to an account. These categories are something the user knows (a password, PIN code or security question), something they have (a one-time verification code sent to their phone or authenticator app) or something they are (a fingerprint, face or retinal scan).

2FA is often a subset of multi-factor authentication (MFA), which has more than two components. MFA is usually a requirement in certain industries, for example healthcare (because of the strict HIPAA regulations) as well as ecommerce and banking. The COVID-19 epidemic has added new urgency for organizations requiring two-factor authentication for remote workers.

Enterprises are living organisms, and their security infrastructures are constantly evolving. Users change roles, hardware capabilities evolve, and complex systems are accessible to users. It is essential to review your two-factor authentication strategy at regular intervals to ensure it keeps up with these changes. One way to accomplish this is adaptive authentication, a form of contextual authentication that creates policies based on how, when and where a login request comes in. Duo offers a central administrator dashboard that lets you easily set and monitor these types of policies.
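
The adaptive authentication idea above, as an added example (not from the original page, and not Duo's product or API): a policy function that decides what to do with a login based on how, when and where it arrives. The trusted networks, working hours, role names and the `LoginRequest` and `evaluate` names are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime
from ipaddress import ip_address, ip_network

# Constructed policy values for illustration only (assumptions, not from the page).
TRUSTED_NETWORKS = [ip_network("10.0.0.0/8"), ip_network("192.0.2.0/24")]
WORK_HOURS = range(7, 20)                # "when": 07:00-19:59 local time
PRIVILEGED_ROLES = {"admin", "finance"}  # tied to the user's permissions

@dataclass
class LoginRequest:
    user: str
    role: str
    source_ip: str         # "where" the request comes from
    timestamp: datetime    # "when" it arrives
    device_enrolled: bool  # "how": from a known, managed device or not

def evaluate(req: LoginRequest) -> str:
    """Decide what to do with a login whose password already verified.

    Returns "allow", "require_2fa" or "deny".
    """
    try:
        addr = ip_address(req.source_ip)
    except ValueError:
        return "deny"  # fail closed: context we cannot parse is never trusted
    on_trusted_net = any(addr in net for net in TRUSTED_NETWORKS)
    in_work_hours = req.timestamp.hour in WORK_HOURS
    privileged = req.role in PRIVILEGED_ROLES

    # Privileged account, unknown device, untrusted network: refuse outright.
    if privileged and not req.device_enrolled and not on_trusted_net:
        return "deny"
    # Privileged roles always present a second factor, whatever the context.
    if privileged:
        return "require_2fa"
    # Every contextual signal is normal: no extra prompt for this login.
    if on_trusted_net and in_work_hours and req.device_enrolled:
        return "allow"
    # Anything unusual (off-network, off-hours, new device) steps up.
    return "require_2fa"
```

Because roles and networks change over time, the constants at the top are the part to revisit during each periodic review of the policy.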

