Keeping Up With User Permissions and Two Factor Authentication

To safeguard against new cyber-attacks, it’s essential to stay up-to-date with the most recent user permissions. Two-factor authentication is vital. The digital landscape is always changing and cybercriminals remain one step ahead. To stay secure, organizations must implement central user identity and access management (IAM) solutions which can be combined with better user education to improve overall security.

One common method of applying 2FA is to require that users use an authenticator app on their personal devices. This ensures that only the user’s device is used to log in to HubSpot thus reducing the risk of having stolen or lost credentials.

Duo Security, for example, is a 2FA system that was purchased by Cisco in the year 2018 offers mobile device support for its customers. The company’s platform uses FIDO and Web Authentication API (WebAuthn) standards to provide mobile device authentication by tapping into built-in capabilities in iOS, Android and Windows phones. This is a convenient way for users to verify their identity without the need for an IT professional to update their apps or change settings, and it can also help prevent users from obstructing security controls.

Other ways to implement 2FA include requiring it to be enabled on specific geographic locations, using network information to verify the location of users and blocking authentication attempts from suspicious networks like Tor proxy servers, proxies and VPNs. These kinds of conditional policies can be set and enforced in different ways from the administrator dashboard of an IAM solution.

It is also crucial to realize that installing and deploying 2FA will take some time. To help speed the process, it is recommended to use an IAM solution that allows users to self-remediate by disabling 2FA if their authenticator app is no longer functioning.

Add Comment