Permissions for users and two-factor authentication are an essential part of any robust security infrastructure. They lower the risk of malicious insider attacks or accidental data breaches and help ensure regulatory compliance.
Two factor authentication (2FA) is a procedure that requires a user to enter a credential from two categories in order to log in to an account. This could be something the user is familiar with (password, PIN code, security question) or something they already have (one-time verification code sent to their mobile or an authenticator app) or something they are (fingerprint or face scan).
2FA is often a subset of Multi-Factor Authentication that has more than two factors. MFA is a common requirement in certain industries, including healthcare (because of strict HIPAA regulations), ecommerce and banking. The COVID-19 virus outbreak has also raised the importance of security for companies that require two-factor authentication.
Enterprises are living organisms and their security infrastructures are always evolving. Access points are added daily, users change roles, hardware capabilities evolve and complex systems enter the hands of users every day. It’s crucial to constantly review your two-factor authentication strategy regularly to make sure that it is able to keep up with the changes. Adaptive authentication is one way to accomplish this. It’s a type of contextual authentication, which activates policies based on date, time and location at which a login request is received. Duo offers an administrator dashboard that lets you easily monitor and set these types of policies.