Granting access to information is a necessity, as is security for both the user needing access and for the information for which access is being granted. The best way to handle this is by establishing user accounts for users. This does several things at once:
- Allows user activity to be tracked
- Holds users accountable for their activity and access
- User access can be limited by establishing user roles and therefore limitations can be placed on areas or information to which users have access
- Enforces secure access to data through the use of user names and passwords
The list continues, but these are the primary reasons user accounts help protect information and the access granted. A more secure method on which more organizations are relying for user access is multifactor authentication.
To be clear, single-factor authentication is where one factor is used to authenticate the user name: the password. In single-factor authentication, the device expects that only the user will know his/her password – but modern security isn’t that naïve!
Examples of multifactor authentication include:
- Two-factor authentication – relies on an external resource, like a security token, dongle, or cell phone
- User logins that require a password to authenticate the user name, but also a second verification step, like a six-digit code sent to a user’s mobile device via SMS/text message.
- Three-factor authentication – relies on an internal resource, like a fingerprint or retinal scan
- User logins require a user name and password, likely the two-factor authentication step, but also an additional verification step to guarantee only the intended user with authorization is accessing data, like the specific user’s fingerprint. A fingerprint used by any other party trying to access will be rejected.
Usually only the most sensitive data requires three-factor authentication, but more and more processes – like banking or other highly-secure industries – will begin requiring additional security steps to maintain data security and prevent threats from unauthorized users.
New users and new devices that may otherwise cause vulnerabilities aren’t overlooked – Integris reviews multifactor authentication processes on a quarterly basis. Can you estimate how many new users and devices you can add each quarter? Protect weaknesses, maximize efficiency, and decrease downtime with Integris and MultiFactor Authentication.
Contact Integris at (888) 330-8808 to learn how you can benefit from multifactor authentication today.