Authentication as a baseline security control is essential for organizations to know who and what is accessing corporate resources and assets.  The Cybersecurity and Infrastructure Security Agency (CISA) states that authentication is the process of verifying that a user’s identity is genuine.

In this climate of advanced cyber threats and motivated cyber criminals, organizations need to implement strong authentication to protect against sophisticated attacks.  Strong authentication is a method used to secure computer systems and/or networks by verifying a user’s identity, and it includes several technologies and methods, including multi-factor authentication (MFA).  This article will highlight some of the technologies and methods that facilitate and enable strong authentication.

Businesses are Slowly Moving Away from Insecure Passwords

Usernames and passwords have traditionally unlocked the front door to an organization, allowing access to resources and data asset.  Passwords, however, are insecure.  When user Joe Smith enters his username and password to request access to organizational resources and assets, how does the organization know that it’s him and not someone else simply using his password? 

There is simply no way to know with any degree of certainty without stronger authentication.  Relying solely on a user to enter their password as a means of authenticating their identity before gaining access to an organization’s resources and data is just too risky.  As a result, businesses are learning that they need to mature their methods by moving away from the username and password model to strong authentication. 

In the 2021 Thales Access Management Index report, which includes survey results from more than 2,600 respondents in more than 10 countries, the findings showed that while respondents were on their journey to more sophisticated and modern authentication capabilities which included multi-factor authentication (MFA) adoption, the global average for MFA (Read more...)