Multi-Factor Authentication (MFA) is a security system that verifies a user’s identity by requiring multiple credentials. Rather than just asking for a username and password, MFA requires other—additional—credentials, such as a code from the user’s smartphone, the answer to a security question, a fingerprint, or facial recognition.
MFA is an effective way to provide enhanced security. Traditional usernames and passwords can be stolen, and they’ve become increasingly more vulnerable to brute force attacks. MFA creates multiple layers of security to help increase the confidence that the user requesting access is actually who they claim to be. With MFA, a cybercriminal may steal one credential but will be thwarted by having to verify identity in a different manner.
Examples of Multi-Factor Authentication include using a combination of these elements to authenticate:
- Codes generated by smartphone apps
- Badges, USB devices, or other physical devices
- Soft tokens, certificates
- Fingerprints
- Codes sent to an email address
- Facial recognition
- Retina or iris scanning
- Behavioral analysis
- Risk score
- Answers to personal security questions
Types of authentication factors
When it comes to MFA, we typically refer to three types of authentication factors:
- Things you know (knowledge), such as a password or PIN
- Things you have (possession), such as a badge or smartphone
- Things you are (inheritance), indicated through biometrics, like fingerprints or voice recognition
The latest MFA solutions incorporate additional factors by considering context and behavior when authenticating. For example:
- Where you are when trying to obtain access, such as a cafe or home
- When you are trying to access, like late at night or during the workday
- What device you’re using, such as a smartphone versus a laptop
- What kind of network are you accessing, like private or public
Often called Adaptive Authentication, this type of MFA takes context into account to flag logins that are out of the ordinary. When a person tries to authenticate in an unusual context, Adaptive MFA may tighten security by requesting additional credentials. For example, if a user is logging in from a cafe late at night—and this is not typical for that user—the MFA tool may require the user to enter a code texted to the user’s phone.
Multi-factor authentication serves a vital function within any organization -securing access to corporate networks, protecting the identities of users, and ensuring that a user is who he claims to be.
Evolving business needs around cloud applications and mobile devices, combined with rising threats, and the need to reduce costs, require entirely new considerations for access control.
Authentication is one piece of the Access Management pie. Identity and Access Management solutions provide a framework for granting and requesting access to applications, enforcing access controls, and ensuring visibility into access events. That’s where SafeNet Trusted Access comes in.
SafeNet Trusted Access is an access management service that combines the convenience of a single sign-on with granular access security. By validating identities, enforcing access policies, and applying smart single sign-on, organizations can ensure secure, convenient access to numerous cloud and web-based applications from one easy-to-navigate console.
Why do we need multi-factor authentication?
New threats, risks, and vulnerabilities as well as evolving business requirements underscore to the need for a strong authentication approach based on simple service delivery, choice, and future-forward scalability.
Today, organizations are asking:
- Can I address the new demands of my business — like cloud and mobile devices?
- How do I map access control methods to business risk and the needs of my users?
- Can I centrally manage, control, and administer all my users and endpoints?
- Who controls my user data?
-
-
- How can I incorporate additional security layers to help me further fortify against threats?
- And how do I keep it all practical and cost-effective?
-
-
More than ever, customers are looking for identity and access management solutions that deliver simplicity, automation, reduced TCO, and choice.
Our multi-factor authentication software delivers the protection you expect while enabling customers with broader choice, improved visibility, and the ability to expand into the future. As a result, organizations using our MFA software have:
- Better self-control of data – We enables customers with the option to create and control their own token data, so there is no reliance on a third-party vendor
- Improved management and visibility – Our solutions deliver single-server management, providing full control, simple administration, and reduced cost and staff burden
- Expanded options – We delivers the broadest choice when it comes to access security methods – so you can meet the needs of any user and any risk level (hardware or software, certificate-based authentication or traditional one-time-password, on-premise, or into the cloud)
- Future-ready solutions – We provide new solutions that deliver MFA and single sign-on (SSO) for cloud applications as well as credentialing for mobile device management
- Painless migrations – We offer seamless migration to cloud-based authentication, which maintains your existing investments and causes no disruption to end-users