Many organizations have already deployed and invested in an Active Directory Federation Services (ADFS) installation, providing basic authentication and access into cloud applications.
ADFS now supports limited MFA support via voice OTP, SMS OTP and Push to Accept technologies. This approach does provide a minimal approach to authentication, is it enough? The challenge is really bringing ADFS authentication up to world class levels, improving the ADFS authentication story, yet not having to replace ADFS.
The general feeling by security analysts and specialists around user authentication is that two factor authentication alone is not enough to protect against the misuse of stolen credentials. This is in part because many forms of second factor authentication can be exploited.
One such example is “Push-to-Accept”. This method utilizes something the user has (typically a mobile device) and something the user knows (username and password) for authenticating the user, but often can be easily exploited.
SecureAuth? IdP provides adaptive access control, empowering organizations to determine identities with confidence. Two-factor authentication is no longer enough to protect enterprise identities. Progressive companies are looking for next generation technologies to help them determine their varying identities with confidence and even prevent attackers with valid user credentials.
Despite the many 2FA options, the real problem healthcare organizations need to solve is how to defend against the use of stolen credentials without having to reduce security, or having to complicate user routines.
Healthcare organizations spend millions of dollars each year on traditional endpoint and network security, yet breaches still occur on a daily basis. In fact, 2015 was a banner year for healthcare hacks. The Cyber Security Act of 2015 was a strong response, placing increased pressure on healthcare organizations to implement better access control. Because compromised valid user credentials are used upwards of 60% of the time during attacks, the key to better security is to focus on the identity and treat that identity as the new security perimeter.
Findings show 74 percent of respondents who use two-factor authentication admit that they receive complaints
IRVINE, Calif. – Jan. 11, 2017 – SecureAuth® Corporation, the leader in adaptive access control, today announced the results of a survey that reveals challenges associated with two-factor authentication (2FA). Commissioned in conjunction with Amplitude Research, the responses surveyed 300 IT decision makers and cybersecurity professionals on industry perspectives and concerns with 2FA.
One of the largest challenges that organizations face when implementing multi-factor authentication is user adoption. Balancing user experience against security has always been a difficult task and seems to be getting harder every day for security organizations around the globe. One of the largest hits to multi-factor adoption has been against SMS (AKA Text Message) delivery of One-Time Passcodes.