Keeping Up With User Permissions and Two Factor Authentication

Making sure you are up to date with user permissions and two factor authentication is crucial to guard against the latest cyber threats. Cybercriminals stay ahead of the curve in a constantly changing digital landscape. To increase security, companies should implement central solutions for user identity and access (IAM). These can be paired with better user education.

Commonly, 2FA is implemented by requiring users to use an authenticator application on their own devices. This ensures that only their device is used to sign in to a HubSpot account, which reduces the risk of stolen or lost credentials.

Duo Security, for example, is a 2FA system that was purchased by Cisco in 2018 provides mobile device support for its customers. The platform of the company uses FIDO and Web Authentication API standards (WebAuthn) to provide mobile device authentication by making use of built-in capabilities on iOS, Android and Windows smartphones. This makes it easy for users to verify their identity without the need of an IT professional to update apps or alter settings, and it helps to stop users from obstructing security controls.

Other methods to implement 2FA include requiring that it be enabled in specific geographic locations, using network information to verify users’ location and blocking authentication attempts from suspicious networks such as Tor, proxies and VPNs. These types of conditional policies can be imposed and set in several ways from the administrator dashboard of an IAM solution.

It is also essential to recognize that implementing and deploying 2FA will require some time. To speed up the process, it is an ideal idea to utilize an IAM solution that allows users to self-remediate by removing 2FA when their authenticator application is not working.

Leave a Comment