Authentication methods your organisation should consider
21 November 2021

‘Password123’. Gone are the days when this was all you needed to secure your desktop or keep people out of your inbox. Now, with an ever-increasing scope of applications, coupled with the exponential increase in data breaches, there is no better time than now to ensure that you and your organisation are harnessing the full power of secure access control.

Multi-factor authentication draws on a variety of factors that have varying levels of strength and weakness. Depending on the sensitivity of the data being protected, applying the appropriate factor is key to aligning with the appropriate risk level.

So, what are the types of authentication factors and how do they apply to your organisation?

Knowledge Factors

Largely accepted to offer the lowest level of assurance, knowledge factors are authentication factors that are based on the things the user knows. For instance, passwords or security questions such as ‘Your mother’s maiden name?’ are factors that fall under the knowledge category.

Knowledge factors are perhaps the factor we’re most familiar with, as they’re utilised not just in the corporate environment but in our personal lives as well. The challenge, however, is that they can be easily compromised, especially given the proliferation of weak, ‘easy-to-remember’ passwords among users.

The robustness of knowledge factors can, however, be increased through the use of random password generators coupled with password managers, as opposed to relying solely on memory.

Possession Factors

These are things the user has in their possession. For instance, your bank may send a One Time Pin (OTP) to your mobile device before completing a transaction, or a website may send an OTP to your email address to verify your actions.

While having the perceived benefit of being more secure than knowledge factors, possession factors are subject to their own forms of compromise. For example, messages sent to mobile numbers and email addresses have been known to be intercepted by hackers.

Biometric Factors

These are factors based on who the user is. This includes facial recognition, such as that found on your mobile phone, or fingerprint scanning.

Though they’re considered to be the strongest, biometric factors like fingerprints and facial verification have weaknesses too. Determined malicious players have been known to use methods such as fingerprint lifting and other deceptive approaches to trick applications into verifying a user’s identity.

Why you should consider Adaptive Multi-Factor Authentication

With an understanding that each factor has its own risks aligned with the data it is securing, moving away from relying on a single factor and instead utilizing a combination of factors is key to having a secure authentication procedure.

For instance, as leading identity and access firm OKTA highlights, if your organisation’s internal database receives an authentication request from a user that is on your network and located within your organisation’s city and zip code, a password and a medium-to-high assurance authentication factor like a physical key or biometric factor is probably all you need to verify that user’s identity. However, if the request comes from an unknown network, or from a city that’s new for that user, you might consider adding a mobile push request to help prove their identity.
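The step-up rule described above, written out as an added example (it is not code from OKTA or DataGroupIT). The network range, user name, locations and factor labels are constructed assumptions; missing or unparseable context is treated as untrusted so the policy fails closed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed sample values (assumptions, not taken from the article).
CORPORATE_NETWORKS = [ipaddress.ip_network("10.20.0.0/16")]
KNOWN_LOCATIONS = {"thandi": {("Nairobi", "00100")}}  # per-user (city, zip) history

@dataclass(frozen=True)
class AuthRequest:
    user: str
    source_ip: str
    city: Optional[str]      # None when geolocation is unavailable
    zip_code: Optional[str]

def on_trusted_network(source_ip):
    """True only if the address parses and falls inside a corporate range."""
    try:
        addr = ipaddress.ip_address(source_ip)
    except ValueError:
        return False  # unparseable address: treat as unknown network
    return any(addr in net for net in CORPORATE_NETWORKS)

def required_factors(req, known_locations=KNOWN_LOCATIONS):
    """Return (factors to demand, risk signals that triggered step-up)."""
    # Baseline from the article: password plus a medium-to-high assurance factor.
    factors = ["password", "security_key_or_biometric"]
    signals = []
    if not on_trusted_network(req.source_ip):
        signals.append("unknown_network")
    # A missing location never matches the history, so it also steps up.
    if (req.city, req.zip_code) not in known_locations.get(req.user, set()):
        signals.append("new_location")
    if signals:
        factors.append("mobile_push")  # extra proof for the riskier context
    return factors, signals

if __name__ == "__main__":
    for r in (AuthRequest("thandi", "10.20.4.9", "Nairobi", "00100"),
              AuthRequest("thandi", "203.0.113.7", "Nairobi", "00100"),
              AuthRequest("thandi", "10.20.4.9", "Lagos", "100001"),
              AuthRequest("thandi", "not-an-ip", None, None)):
        print(r.source_ip, r.city, "->", required_factors(r))
```

Returning the signals alongside the factors lets the decision be logged, so a later review can see why a given sign-in was stepped up.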

And so, for organisations that are focused on improving the security of their data, deeply considering the implementation of an Adaptive MFA approach is a powerful step in strengthening their security posture.

If you would like to find out more about best-in-class identity and access control measures, our cybersecurity experts at DataGroupIT are available to take you through the OKTA range of solutions and tailor them to your organisation’s specific needs.

About DataGroupIT

DataGroupIT is Africa’s leading Value-Added Distributor (VAD). By partnering with the best selection of established and emerging technology vendors across the globe, we provide complex solutions for any size business, including Enterprise and SME markets across the African continent.

Our product portfolio offers comprehensive solutions for IT Security, Infrastructure and Enterprise Software.

We are fully committed to our business partners. Channel and vendor success is our #1 mission. Our professional teams across Africa deliver exceptional sales, presales, logistics, marketing and financial support that creates the ultimate platform to accelerate our business partners’ success.

Contact Us today to find out more.

Post by: DGITUser