A robust security infrastructure is built on user permissions and two-factor authentication. They reduce the risk of accidental or malicious insider activity, reduce the impact of data breaches and ensure the compliance of regulatory authorities.
Two factor authentication (2FA) is a process where a user must enter a credential in two categories to sign in to an account. This could include something the user knows (password PIN code, password, security question) or a document they have (one-time verification code sent to their phone or an authenticator app) or something they are (fingerprint facial, face, retinal scan).
2FA is usually a subset of Multi-Factor Authentication, which has more than two components. MFA is typically a requirement in certain industries, like healthcare (because of strict HIPAA regulations), ecommerce, and banking. The COVID-19 virus outbreak has increased the importance of security for companies that require two-factor authentication.
Enterprises are living organisms, and their security infrastructures keep evolving. New access points are introduced every day, users switch roles, hardware capabilities develop and complex systems reach the fingertips of everyday users. It is important to regularly evaluate the two-factor authentication strategy at regular intervals to ensure that they are keeping up with the latest developments. One way to do this is through adaptive authentication which is a type of context authentication that will trigger policies based on how it is used, when and when a login request is received. Duo offers an administrator dashboard that allows you to easily monitor and manage these types of policies.