For years, passwords have guarded access to the resources organizations rely on day in and day out. But how well? And for how much longer? In an era when attack surfaces are growing, points of access are increasing and cyberattackers are getting smarter, now’s the time to go beyond the password to protect your resources and data. Integrating more ways of authenticating at various points of access is a good way add another layer of protection for critical resources and data. Make it easy on users by choosing a solution that offers a variety of authentication options (hard and soft tokens, smartphone-based push to approve, biometrics, SMS and more) and requires additional authentication only when it detects a high-risk access attempt.
Cloud Applications
If your organization regularly uses SaaS applications like Microsoft Office 365 and Salesforce, integrating multi-factor authentication with those applications can make it harder for attackers to compromise them – while still allowing legitimate users convenient access. This becomes even more important as your organization continues to add SaaS applications and as cloud infrastructures become increasingly attractive targets for attack.
Privileged Accounts
Once an attacker finds a way into a privileged account or a privileged access management (PAM) solution, it opens the door to your organization’s most valuable data and other resources. But you can make it harder by adding multi-factor authentication to your PAM solution, forcing anyone with stolen credentials to prove their identity another way. (A strong identity governance solution can also help by reducing the risk of compromised credentials in the first place.)
Digital Workspaces
As the workforce evolves to include more remote workers and contractors, digital workspaces allow you to deliver any app on any device. Integrating multi-factor authentication into the digital workspace makes it more secure for the organization and convenient for users. And a solution that can also be used at other points of access eliminates the need to invest in more than one multi-factor authentication solution.
Virtual Private Networks
Once upon a time, only a limited group of users was allowed access to the VPN; today, changes in the workforce have opened it up to remote employees, off-site contractors and others. Multi-factor authentication adds the extra layer of security you need to keep bad actors out; at the same time, when authenticating can be as simple and straightforward as a mobile push, it does a good job of letting the “good guys” in, too.
Legacy Applications
Adding multi-factor authentication to on-premises legacy and custom applications can be tricky, since they’re not likely to support authentication protocols like SAML and RADIUS. That means custom coding for every application – a long, costly proposition. But there’s a great alternative: adding multi-factor authentication to a next-generation firewall, instead. That enables you to get additional authentication at the network level.
Want to learn more about adding multi-factor authentication for more secure, convenient access to resources?
- Visit com/modernMFA
- Read the e-book Five Ways to Transform Access and Secure the Digital Enterprise
Watch the RSA webcast series Access Transformation in Action