Multi-Factor Authentication Made Simple for Legacy and Custom Apps

We may be living in the age of the cloud, but many organizations still rely on legacy or custom applications for some of their most critical operations. Whether it’s a case of “if it’s not broke, don’t fix it” or understandable concern about the risk and cost of replacing them, these apps aren’t going away anytime soon.

There’s just one problem: security. Sure, these apps are behind the firewall, but they’re typically protected only by a username/password combination. At a time when 81 percent of hacking-related data breaches leverage stolen or weak passwords, that can spell trouble. All it takes is one hacker to get through the firewall with stolen credentials for a potentially disastrous breach to occur.

Adding multi-factor authentication may seem like an obvious solution, but that’s easier said than done in some cases, because legacy and custom apps aren’t likely to support standard authentication protocols like SAML or RADIUS. Therefore, multi-factor authentication has to be custom-coded. And the more apps there are, the more costly and time-consuming it becomes to add multi-factor authentication—to the point of being difficult to justify. Organizations can end up in the unenviable position of trying to decide which apps merit the effort and which they’re willing to risk leaving less protected.

The alternatives haven’t been great: bite the bullet and undertake a significant development effort to manually add multi-factor authentication to some or all of the legacy and custom apps—or keep security limited to a credentials-based approach, and hope for the

*** This is a Security Bloggers Network syndicated blog from RSA Blog authored by Tim Norris. Read the original post at: http://www.rsa.com/en-us/blog/2018-07/mfa-made-simple-for-legacy-and-custom-apps.html