User permissions and two-factor authentication are essential parts of a secure infrastructure. They help reduce the risk of accidental or malicious insider activity, reduce the impact of data breaches, and ensure regulatory compliance.
Two-factor authentication (2FA) requires users to present credentials from two distinct categories to log into an account. The categories are something the user knows (passwords, PIN codes and security questions), something they have (a one-time verification code sent to their mobile or an authenticator application), or something they are (fingerprint, face, or retinal scan).
2FA is often treated as a subset of multi-factor authentication (MFA), which can have more than two components. MFA is a requirement in certain industries such as healthcare (due to HIPAA regulations), e-commerce and banking. The COVID-19 pandemic has also added urgency for organizations to require two-factor authentication for remote workers.
Enterprises are living organisms, and their security infrastructures keep evolving. Users' roles change, hardware capabilities change, and the systems people use grow more complex. It's important to reevaluate your two-factor authentication plan at scheduled intervals to ensure it keeps up with these changes. One way to do that is to use adaptive authentication, a type of contextual authentication that triggers policies based on how, when and where a login request comes in. Duo offers a centralized administrator dashboard that lets you easily set and monitor these kinds of policies.
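The adaptive policy described above can be sketched as a small decision function over the "how, when and where" of a login request. This is an added example, not code from the original page or from Duo; the networks, working hours, client names and decision labels are all assumptions.

```python
from dataclasses import dataclass
from datetime import datetime
from ipaddress import ip_address, ip_network

# All values below are constructed for illustration (assumptions).
TRUSTED_NETWORKS = [ip_network("10.20.0.0/16"), ip_network("192.0.2.0/24")]
WORK_HOURS = range(7, 20)            # 07:00-19:59 local time
INCAPABLE_CLIENTS = {"legacy-imap"}  # clients that cannot prompt for a second factor

@dataclass(frozen=True)
class LoginRequest:
    user: str
    client: str          # how: application or protocol used to sign in
    device_known: bool   # how: device previously enrolled by this user
    timestamp: datetime  # when
    source_ip: str       # where

def evaluate(req: LoginRequest) -> tuple[str, list[str]]:
    """Return (decision, reasons); decision is allow, require_2fa or deny."""
    if req.client in INCAPABLE_CLIENTS:
        return "deny", ["client cannot complete a second factor"]
    try:
        addr = ip_address(req.source_ip)
    except ValueError:
        # Fail closed: a request whose origin cannot be parsed is not trusted.
        return "deny", ["unparseable source address"]
    reasons = []
    if not any(addr in net for net in TRUSTED_NETWORKS):
        reasons.append("source IP outside trusted networks")
    if req.timestamp.hour not in WORK_HOURS:
        reasons.append("outside usual working hours")
    if not req.device_known:
        reasons.append("unrecognised device")
    # Any contextual signal forces a fresh second-factor prompt; with none,
    # a previously remembered second factor is honoured.
    return ("require_2fa" if reasons else "allow"), reasons

# Constructed sample requests
SAMPLES = [
    LoginRequest("alice", "web", True, datetime(2024, 3, 4, 10, 15), "10.20.5.9"),
    LoginRequest("bob", "web", False, datetime(2024, 3, 4, 23, 40), "203.0.113.7"),
    LoginRequest("carol", "legacy-imap", True, datetime(2024, 3, 4, 9, 0), "10.20.1.1"),
]

if __name__ == "__main__":
    for r in SAMPLES:
        print(r.user, *evaluate(r))
```

Returning the reasons alongside the decision gives the audit trail needed when the policy is reviewed at the scheduled intervals mentioned above.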