Keeping Up With User Permissions and Two Factor Authentication

  • by

To protect against new cyber threats, it is vital to be aware of the latest user permissions. Two-factor authentication is vital. Cybercriminals are always ahead the curve in a continuously evolving digital landscape. To improve security, organizations should adopt centralized solutions to access and identity of users (IAM). These can be paired with improved user education.

A common way of applying 2FA is to require that users use an authenticator application on their personal devices. This ensures that only their device is used to sign in to a HubSpot account, which reduces the chance of theft or lost credentials.

For instance, Duo Security, a 2FA solution that was acquired by Cisco in the year 2018, offers mobile device support for its customers. The platform used by the company utilizes FIDO and Web Authentication API standards (WebAuthn) to enable mobile device authentication by using the built-in capabilities on iOS, Android and Windows smartphones. This makes it easy for users to verify their identity without the need of an IT professional to update applications or alter settings, and it can also help prevent them from accidentally bypassing security controls.

Other ways to implement 2FA include requiring it to be enabled in specific geographical locations, using network information to verify users’ location and blocking authentication attempts from suspicious networks like Tor, proxies and VPNs. These conditional policies can also be crafted and enforced through the IAM solution’s administrator dashboard.

It is also crucial to recognize that the process of implementing and deploying 2FA will require some time. To speed the process, it’s a good idea to use an IAM solution that allows users to self-remediate by turning off 2FA if their authenticator application is not working.

Leave a Reply

Your email address will not be published. Required fields are marked *