August 07, 2019
4 Best Practices to Get More from Multifactor Authentication Implementation
MFA solutions have evolved, and so should your plan to implement them.
What’s the current state of multifactor authentication in your organization? If you’re like many of my customers, you might think that MFA is old hat — a problem solved years ago that now just requires a little routine maintenance. If that sounds familiar, it’s probably time for you to re-evaluate the role that MFA plays in your environment.
When most organizations first deployed MFA technology, the world was different. There were only one or two serious providers of the technology, and they offered hardware-based solutions that were expensive and awkward to use. Today, we have dozens of vendors offering flexible and user-friendly solutions that run as smartphone apps and in other convenient form factors.
Designed for Yesterday’s Technology Landscape
Many firms are still running MFA deployments that were designed around the restrictions of years past rather than the flexibility of today. These outdated approaches to MFA use the technology to safeguard remote employee access and highly sensitive resources. They were designed to keep the MFA footprint as small as possible to maximize effectiveness while keeping costs under control.
The technology environment has also changed. We spent significant time and effort safeguarding remote access solutions in the past because our security architectures were designed around the idea that we could put all of our secure resources in a nice little geographic box. If people wanted to access those resources, they either had to pass through a variety of physical security controls to gain access to our facilities or use MFA to connect remotely.
Today, this paradigm no longer exists — not only because our users have become more mobile but also because our data has become mobile. As we move to cloud-based computing models, we’ve moved our assets around the world, changing our use cases for MFA.
My clients have discovered a variety of ways that they can leverage their MFA investments to achieve greater business value. Let’s look at four ways you can draw from this experience and optimize your own MFA deployment.
1. Secure Your Collaboration and Productivity Suite
Email and chat services contain some of our most sensitive communications. They’re also generally quite easy to secure with MFA because there are only a handful of major collaboration tool providers and all MFA vendors support them.
2. Secure Critical Business Applications
If you haven’t recently reviewed the list of critical services secured by MFA, take another look. Chances are that you’ve adopted new services in recent years that would benefit from MFA.
3. Automate Password Resets
Password reset requests are the bane of help desks around the world. Establishing the identity of a remote caller is difficult, but MFA can make this process much smoother. Automating password resets with integrated MFA preserves security while reducing support costs.
4. Move New Services to the Cloud
Many organizations keep some services on-premises due to security concerns, but MFA can facilitate efforts to move these services to the cloud. Identify services that you’re comfortable moving with the added security control of MFA.
Taking a strategic approach to multifactor authentication allows organizations to continue to achieve the strong security benefits of this control while also achieving greater business value. It’s time to take stock of your MFA deployment.
This blog post brought to you by: