Implement MFA with a risk-based approach for stronger security
•
2 gefällt mir•4,178 views
This document provides best practices for implementing multi-factor authentication (MFA) for stronger security. It discusses how MFA provides an additional layer of security beyond passwords alone. The document recommends understanding your requirements, evaluating solutions based on integration, user experience and flexibility, assessing users and applications, choosing appropriate authentication factors and distribution methods, taking mobile security measures, and delivering MFA through a risk-based and user-friendly approach to prevent stolen password attacks while balancing security and usability.
Empfohlen
Empfohlen
Weitere ähnliche Inhalte
Was ist angesagt?
Was ist angesagt? (20)
Ähnlich wie Implement MFA with a risk-based approach for stronger security
Ähnlich wie Implement MFA with a risk-based approach for stronger security (20)
Mehr von Sirius
Mehr von Sirius (20)
Kürzlich hochgeladen
Kürzlich hochgeladen (20)
Implement MFA with a risk-based approach for stronger security
- 1. BEST PRACTICES FOR MFA DELIVERING STRONGER SECURITY AGAINST THREATS
- 2. MEET THE EXPERTS CHRIS HOKE Managing Director, Sirius Security Solutions SLY GITTENS Senior Technical Product Marketing Manager, RSA Security
- 4. In 2017, the impacts of the WannaCry, NotPetya, and Equifax cyber attacks were closely followed by the stunning disclosure of the Meltdown and Spectre vulnerabilities. Drove spending; Gartner forecasts worldwide security spending will reach $96 billion in 2018, up 8 percent from 2017 Affected individuals, businesses and countries; increased the sense of urgency around cybersecurity
- 5. . FUNDING DOESN’T ENSURE SECURITY Money is often spent implementing practices that fail to protect against sophisticated threats, and continue to prop up password security. Complex passwords are hard to remember. Users write them down, and blend common words with easily discoverable information. According to Verizon’s 2017 DBIR, 81% of hacking-related breaches leveraged stolen and/or weak passwords. Users are just trying to get their jobs done with the least amount of hassle, but these shortcuts increase risk factors for the organization.
- 6. Multi-factor authentication (MFA) provides an additional layer of security, and can streamline access HOW CAN WE MAKE ACCESS HARD FOR HACKERS, BUT EASY FOR USERS?
- 7. Multi-factor authentication (MFA) is a method of access control in which a user is granted access only after successfully presenting at least two separate pieces of evidence to an authentication mechanism within the following categories: Knowledge Factor Something only the user knows, such as a username, PIN, password, or the answer to a security question Possession Factor Something only the user has, such as a hardware or software token that generates an authentication code Inherence Factor Something they are, such as biometric information from fingerprints, voice recognition, or retina scans
- 8. Ask yourself: HOW ARE YOU PROTECTING YOUR ORGANIZATION’S SENSITIVE APPLICATIONS? a) Username and password b) Username, password and MFA c) MFA only
- 9. Solutions vary widely, and it is frequently deployed in a way that leaves users feeling harassed NOT ALL MFA IS CREATED EQUAL
- 10. Risk-based, adaptive MFA improves user experience while also improving security MAKE MFA ADAPT, NOT YOUR USERS
- 12. ONE UNDERSTAND REQUIREMENTS Define your needs, uses cases and deployment strategy
- 13. Choose the right solution for your environment TWO EVALUATE SOLUTIONS
- 14. Ask yourself: WHAT IS MOST IMPORTANT TO YOUR ORGANIZATION WHEN CONSIDERING AN MFA SOLUTION? a) Integration with SSO b) Improving user experience c) Flexibility in distribution channels
- 15. Does the solution provide a range of options for all of your uses?1 Does it offer the flexibility to add new authentication methods?2 Are you able to use risk-and context-based identity assurance?3 Does it enable you to support flexibility, user choice and emergency access requirements? 4 QUESTIONS TO ASK
- 16. KEY ATTRIBUTES Easy to Deploy Easy to Use Easy to Manage
- 17. Deploying across all users and applications limits exposure and improves user experience THREE ASSESS YOUR USERS & APPLICATIONS
- 18. FOUR CHOOSE FACTORS & DISTRIBUTION TACTICS Consider what works best for your user population
- 19. FIVE TAKE MOBILE SECURITY MEASURES Validate devices with direct access to systems and data
- 20. Adopt a risk-based, user-friendly approach to MFA Prevent attacks that leverage stolen passwords Strike the right balance between ease of use and protection DELIVER STRONGER SECURITY AGAINST THREATS
- 21. NEXT STEPS Consider an IAM Workshop or Security Architecture Review
- 22. CHRIS HOKE Chris.hoke@siriuscom.com Or contact your Sirius Account Manager QUESTIONS