User Permissions and Two Factor Authentication

User permissions and two-factor authentication are vital elements of a secure infrastructure. They can reduce the chance of malicious insider activity or accidental data breaches and help ensure compliance with regulations.

Two-factor authentication (2FA) is a procedure that requires a user to present credentials from two different categories to log in to an account. The categories are something the user knows (password, PIN code, security question), something they have (a one-time verification passcode sent to their mobile phone or generated by an authenticator app), or something they are (fingerprint, face, retinal scan).
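The category rule above can be checked in code. The following Python sketch is an added example, not code from the original page: it verifies an authenticator-app passcode using TOTP (RFC 6238, HMAC-SHA1) and accepts a login as two-factor only when the verified methods fall into two different categories. The function names, the `CATEGORY` table and `DEMO_SECRET` are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

# Factor categories as described in the paragraph above (names are assumptions).
CATEGORY = {
    "password": "knowledge", "pin": "knowledge", "security_question": "knowledge",
    "totp": "possession", "sms_code": "possession",
    "fingerprint": "inherence", "face": "inherence", "retina": "inherence",
}

# Constructed sample: the published RFC 4226/6238 test secret, not a real key.
DEMO_SECRET = b"12345678901234567890"


def totp(secret: bytes, at: int, step: int = 30, digits: int = 6) -> str:
    """Compute the RFC 6238 passcode for Unix time `at`."""
    counter = struct.pack(">Q", at // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226, section 5.3)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify_totp(secret: bytes, code: str, at: int, window: int = 1, step: int = 30) -> bool:
    """Accept the current time step and `window` steps either side (clock drift)."""
    ok = False
    for i in range(-window, window + 1):
        t = at + i * step
        if t < 0:
            continue
        # Constant-time comparison; keep looping so timing does not reveal the match.
        ok |= hmac.compare_digest(totp(secret, t, step).encode(), code.encode())
    return ok


def is_two_factor(verified_methods) -> bool:
    """True only if the verified methods span at least two distinct categories."""
    return len({CATEGORY[m] for m in verified_methods}) >= 2


def login(password_ok: bool, code: str, secret: bytes, now: int) -> bool:
    """Grant access only when a knowledge and a possession factor both verify."""
    verified = []
    if password_ok:
        verified.append("password")
    if verify_totp(secret, code, now):
        verified.append("totp")
    return is_two_factor(verified)
```

A password combined with a security question fails `is_two_factor`, because both are knowledge factors.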

2FA is usually a subset of multi-factor authentication (MFA), which has more than two components. MFA is typically a requirement in certain industries, for example healthcare (because of the strict HIPAA regulations), ecommerce, and banking. The COVID-19 outbreak has also raised the importance of security for businesses that require two-factor authentication.

Enterprises are living things, and their security infrastructures are constantly changing. New access points are introduced every day, users are assigned roles, hardware capabilities evolve, and complex systems end up in the hands of everyday users. It is crucial to review two-factor authentication methods regularly to ensure that they keep up with the latest developments. One way to do that is to use adaptive authentication, a type of contextual authentication that creates policies based on how and when a login request is received. Duo provides a central administrator dashboard that allows you to easily set and manage policies of this kind.