Making the Multi-factor Authentication Transition

As business operations move to the cloud, companies are increasingly switching to Multi-Factor Authentication (MFA) to secure their applications. After all, when business can be done from anywhere, and employees may need hundreds of different digital tools and services, security is a major concern.

With new software comes new practices, and it’s critical to roll things out in a way that makes life easy for end-users. This is where User Access Management is key. Sysadmins must have a reliable plan for giving users access to the tools they need when they need them. That includes external applications, network apps, permissions, and other company security requirements. Keep these points in mind when you’re setting up:

Not everyone needs access to every app

If an employee has access to too many apps they don’t use, they may feel overwhelmed or find that it’s harder to locate the tools they need on a daily basis. Consider your smartphone: if you have hundreds of apps you don’t use, it takes ages to look through them all to find the ones you do. Save your scrolling for Twitter. At work, you should be able to find what you need quickly.

Only give users access to the apps they actually need. You can easily add more access as new needs develop, but avoid permissions creep. You can do that quickly and simply with batch provisioning.

Consider how your employees work

 

With Adaptive MFA, you have plenty of options for how to authenticate identity. That means you can choose the methods that will be quickest, easiest and most secure for the employees using them. Does your team do a lot of work on the road? They can verify their identity from their smartphone with Okta Verify with Pushor OTP (one-time password), SMS, or voice. Do they always work from the office? Location-based authentication services can tell they’re in the building, and grant access to the apps they need.

The key is to choose a service that can adapt to your users’ needs. MFA isn’t one-size-fits-all—in most organizations, every employee will have their own workflows and preferences. 2FA can cause problems when authentication methods are too rigid, and employees get locked out of their apps. Nobody likes delays and lost productivity.

Batches are your friend

When you’re getting set up, group your users in a way that makes sense for access. That way it’s easy to manage security requirements for entire departments or levels of seniority, instead of having to set people up one by one, or come up with one method that sort of works for everyone. So you may want to require voice authentication for senior leadership or other employees with access to confidential data but stick to security questions for contractors who only have access to one or two apps.

Batching has plenty of benefits beyond MFA. When your users are grouped, provisioning and deprovisioning is a breeze. Just hired someone new in HR? Add them to the HR group and they’ll have all the apps they need. No more painstakingly giving them access to individual programs, and fielding requests for new things they just found out they don’t have.

And it’s not just new employees who need new tools. Does everyone in customer support now need access to Salesforce? No problem. When you’ve grouped them, you can give everyone access in minutes. It’s like when your entire extended family bypassed the line at Splash Mountain because your Aunt Joan sprung for the FastPass+.

The benefits of User Access Management and Adaptive MFA

Some businesses are unsure about MFA because they think it’s impossible to have both sign-on convenience and privacy. That’s where the importance of adaptive multi-factor authentication comes in. Instead of requiring the same types of authentication (which causes problems if, say, a phone gets lost or damaged), Okta can adapt to changing circumstances and verify identity-based on a wide range of factors. With the right tools at hand and a strategy for user access management, you can have both convenience and privacy.

Be safe, be accessible, be better. Learn more about what Okta’s Adaptive MFA can do for your team.

This article was originally published here.

 

Cover Your pASSword: Add PassProtect to Your Web Browser

There are over half a billion passwords floating around the Internet, largely exposed through data breaches. That’s 500,000,000+ of your, your friends’, your families’ passwords exposed to anyone and everyone.

While the average person is generally aware security is important, they often don’t know what steps they can take to protect themselves. While we’ve seen countless stories listing ‘123456’ and ‘password’ as popular (and terrible) passwords, consumers aren’t taking action to change their credentials.

[Read more…]

Who Needs Hosted Private Cloud? Your Landlord, Healthcare Provider, and EdTech

Sungard AS Hosted Private Cloud

When Sungard Availability Services introduced its hosted private cloud solution for Dell EMC environments last month, companies began taking a second look at their cloud installations. From real estate management firms to healthcare providers to educational technology (EdTech) vendors, businesses of all types began assessing their need for greater security and resilience. [Read more…]