The business landscape has changed: there are now more users working remotely than ever before. Because of this, it has become increasingly more difficult for organizations to have the assurance that users are who they say they are. This is why the need for identity assurance technologies like Multifactor Authentication (MFA) have grown in popularity.
What is MFA?
MFA is an authentication method that provides an extra layer of security by requiring users to have two or more verification factors to gain access to corporate applications from outside the network perimeter.
Most MFA authentication methodologies are based on a combination of these types of additional information:
By having one or more extra steps, this ensures that your network is safe from potential cyberattacks.
Why use MFA?
Finding out if a request to access is legitimate is much harder now than it was before for your IT team due to the increase of remote work. Cyber criminals are especially taking advantage of this especially due to:
The vulnerability of weak passwords that can be guessed through brute force
Poor security habits like displaying credentials near their endpoints
With MFA, you can significantly reduce the risk of these attacks to ensure that your user is who they say they are. By requiring the additional factors, access won’t be easily granted to anyone with the username and password, since they must have all the other verification factors as well.
Adaptive or risk-based authentication
Adaptive Authentication, also known as risk-based authentication, analyzes context when applying a level of authentication to users who are outside the network or display anomalous behavior. For example:
- From where is the user when trying to access information?
- When you are trying to access company information? During your normal hours or during “off hours”?
- What kind of device is used? Is it the same one used yesterday?
- Is the connection via private network or a public network?
This form of MFA looks at a user’s IP address and, if possible, their geo location. This information is then used to block user access if the location does not match the approved whitelisted areas. Additionally, more forms of authentication can be set to users to access the network even if they are outside the approved locations to confirm the login is non-fraudulent.
Interested in learning more about MFA? Fill out our contact form below and learn more!