Authentication methods your organisation should consider - DataGroupIT

Authentication methods your organisation should consider

21 November 2021

‘Password123’. Gone are the days where this was all you needed to secure your desktop or keep people out of your inbox. Now with an ever-increasing scope of applications, coupled with the exponential increase in data breaches, there is no greater time than now to ensure that you and your organisation are harnessing the full power of secure access control

Multiple authentication comes in a variety of factors that have varying levels of strength and weakness. Depending on the sensitivity of the data being protected, applying the appropriate factor is key to aligning with the appropriate risk level.

So, what are the types of authentication factors and how do they apply to your organisation?

Knowledge Factors

Largely accepted to offer the lowest level of assurance, knowledge factors are authentication factors that are based on the things the user knows. For instance, passwords or security questions such as ‘Your mother’s maiden name?’ are factors that fall under the knowledge category.

Knowledge factors are perhaps the factor we’re most familiar with as they’re utilised not just in the corporate environment, but in our personal lives as well. The challenge however is they can be easily compromised, especially with the proliferation of weak, ‘easy-to-remember’ passwords by users.

The robustness of knowledge factors can however be increased through the use of random password generators coupled with password managers as opposed to solely relying on memory recollection.

Possession Factors

These are things the user has in their possession. For instance when your bank sends a One Time Pin to your mobile device before completing a transaction or OTPs sent to your email address to verify your actions on a website.

While having the perceived benefit of being more secure than knowledge factors, possession factors are subject to their own forms of compromise. For example, mobile numbers and email addresses have been known to be intercepted by hackers.

Biometric Factors

These are factors based on who the user is. This includes facial recognition, such as that found on your mobile phone or fingerprint scanning.

Though they’re considered to be the strongest, even biometric factors like fingerprints and facial verification also have weaknesses. Determined malicious players have been known to use methods such as fingerprint lifting and other deceptive approaches to trick applications to verify a user’s identity.

Why you should consider Adaptive Multi-Factor Authentication

With an understanding that each factor has its own risks aligned with the data it is securing, moving away from relying on a single factor and instead utilizing a combination of factors is key to having a secure authentication procedure.

For instance, as leading identity and access firm OKTA highlights, if your organisation’s internal database receives an authentication request from a user that is on your network and located within your organisation’s city and zip code, a password and medium-to-high assurance authentication factor like a physical key or biometric factor is probably all you need to verify that user’s identity. However, if the request comes from an unknown network, or from a city that’s new for that user, you might consider adding a mobile push request to help prove their identity.

And so, for organisation’s that are focused on improving the securing of their data, deeply considering the implementation of an Adaptive MFA approach is a powerful step in increasing the rigidity of their security posture.

If you would like to find out more about best-in-class identity and access control measures, our cybersecurity experts at DataGroupIT are available to take you through the OKTA range of solutions and tailor them to your organisation’s specific needs.

About DataGroutIT

DataGroupIT is Africa’s leading Value-Added Distributor (VAD). By partnering with the best selection of established and emerging technology vendors across the globe, we, provide complex solutions for any size business, including Enterprise and SME markets across the African continent.

Our product portfolio offers comprehensive solutions for IT Security, Infrastructure and Enterprise Software.

We are fully committed to our business partners. Channels & vendors success is our #1 mission. Our professional teams across Africa deliver exceptional sales, presale, logistic, marketing and financial support that create the ultimate platform to accelerate our business partners’ success.

Contact Us today to find out more.

Post by: DGITUser

More Articles from Articles

Bridging the Gap Between Privileged Access Management & Identity Management

Bridging the Gap Between Privileged Access Management & Identity Management

Bridging the Gap Between Privileged Access Management & Identity Management In today's rapidly evolving cybersecurity landscape, organisations face the daunting task of protecting their digital assets against increasingly sophisticated threats....

The CIPC hack and what it means for South African companies

The CIPC hack and what it means for South African companies

The CIPC hack and what it means for South African companies Recently, the Companies and Intellectual Property Commission (CIPC) of South Africa fell victim to a significant data breach, highlighting alarming vulnerabilities in cybersecurity...

Fortifying Kenya’s Digital Frontier: Navigating the Evolving East African Cybersecurity Landscape

Fortifying Kenya’s Digital Frontier: Navigating the Evolving East African Cybersecurity Landscape

Fortifying Kenya's Digital Frontier: Navigating the Evolving East African Cybersecurity Landscape The rise of digitalization and digital economies is shaping a dynamic digital landscape across Africa. Software engineers play a pivotal role in this...