User permissions and two-factor authentication are crucial components of any robust security infrastructure. They can reduce the risk of malicious or accidental insider threats, limit the impact of data breaches and help ensure compliance with regulatory requirements.
Two-factor authentication (2FA) is a procedure that requires a user to present credentials from two different categories in order to log into their account. The categories are something the user knows (passwords, PIN codes, security questions), something they own (a one-time verification code sent to their phone or an authenticator application) or something they are (a fingerprint, a face scan or a retinal scan).
2FA is a subset of multi-factor authentication (MFA), which can involve more factors than just two. MFA is a requirement in certain industries such as banking, ecommerce and healthcare (due to HIPAA regulations). The COVID-19 pandemic also created a new urgency for businesses that require two-factor authentication for remote workers.
Enterprises are living organisms and their security infrastructures are constantly evolving. User roles change, hardware capabilities evolve and users work with complex systems. It is important to review your two-factor authentication process at regular intervals to make sure that it keeps up with these changes. One way to do this is to use adaptive authentication, a form of contextual authentication that triggers policies based on how, when and where a login request comes in. Duo provides a central administrator dashboard that allows you to easily set and manage policies of this kind.
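
The following added example (not Duo's API or policy format, and not from the original page) evaluates the how, when and where of a login request and decides whether to allow it, require a second factor, or deny it. The network range, working hours, country code and field names are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from ipaddress import ip_address, ip_network

# Constructed policy values (assumptions for illustration only).
TRUSTED_NETWORKS = [ip_network("10.20.0.0/16")]  # "where": corporate range
WORK_HOURS_UTC = range(7, 19)                    # "when": 07:00-18:59 UTC
BLOCKED_COUNTRIES = {"ZZ"}                       # placeholder country code


@dataclass
class LoginRequest:
    user: str
    source_ip: str
    country: str         # result of a GeoIP lookup done upstream
    device_known: bool   # "how": device previously enrolled by this user
    timestamp: datetime  # timezone-aware time of the request


def evaluate(req):
    """Return (decision, reasons); decision is 'deny', 'step_up' or 'allow'."""
    if req.country in BLOCKED_COUNTRIES:
        return "deny", ["blocked country"]
    reasons = []
    if not any(ip_address(req.source_ip) in net for net in TRUSTED_NETWORKS):
        reasons.append("untrusted network")
    if not req.device_known:
        reasons.append("unrecognized device")
    if req.timestamp.astimezone(timezone.utc).hour not in WORK_HOURS_UTC:
        reasons.append("outside working hours")
    # Any risk signal triggers the second factor instead of a silent allow.
    return ("step_up" if reasons else "allow"), reasons


def demo():
    """Evaluate three constructed login requests and return the decisions."""
    def at(hour):
        return datetime(2024, 3, 4, hour, 0, tzinfo=timezone.utc)
    samples = [
        LoginRequest("alice", "10.20.5.9", "US", True, at(10)),
        LoginRequest("alice", "203.0.113.7", "US", False, at(2)),
        LoginRequest("bob", "198.51.100.4", "ZZ", True, at(10)),
    ]
    return [evaluate(r)[0] for r in samples]


if __name__ == "__main__":
    print(demo())
```

Returning the reasons alongside the decision lets each step-up or denial be logged and reviewed when the policy is revisited.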