Organizations must ensure that their workforce and customers can access only the information that they need. There is an immediate need for a seamless way to manage authentication structures — both human and technology — and their levels of access to systems, applications, and networks.
Organizations must evaluate a plethora of authentication tools and services, all of which may operate differently in an organization’s unique environment. Selecting the tools that best fit an organization’s business needs and implementing them can be overwhelming.
MorganFranklin can provide a team of experts who will assist in determining the best authentication options. These advisors provide enterprise cybersecurity expertise to make decisions that are rooted in business logistics, ensuring that the company’s operations remain streamlined and efficient.
We’ll facilitate the planning of authentication systems, make recommendations, and then implement the solutions that best fit an organization’s most critical authentication needs. Common use cases include:
- Two-Factor Authentication: Reinforcing Account Security
Use of poor and reused passwords puts online and business accounts at risk. Two-factor authentication (2FA) requires a second form of authentication, in addition to a password, to decrease the exploitability of accounts with compromised passwords.
- Remote Access: Enabling Secure Remote Work
Remote access to company systems is essential for teleworkers, administrators, and off-site personnel. Remote access management solutions verify user identity and permissions before permitting access to sensitive data or resources.
- Step-Up Authentication: Implementing Adaptive Authentication
Adaptive authentication is designed to address varying levels of risk by requiring stronger authentication for access to riskier assets. Step-up authentication makes this possible by requiring additional proof of identity from users requesting access to assets at higher risk levels.
We work with industry leading authentication technologies for hybrid, on-prem and cloud deployments including:
- Password-less solutions
- 2FA & MFA
- Adaptive Authentication
As the demand for a reduction in password reliance continues, new identity and authentication solutions and tools are perpetually launching. Which of these solutions, methodologies or tools should an organization consider implementing? MorganFranklin can help an organization discover all of the options, budget, and best solutions that meet top priorities.
- Biometrics: Effortless Authentication
Fingerprints, voice recognition, facial recognition, iris/eye scanning, and in-app or on-network behavioral mapping are today’s most common biologically-based sources for authentication. These solutions are typically used within mobile app environments to verify customers, but are also prevalent in traditional security measures such as building access. MorganFranklin can evaluate and determine if biometrics is a solution an organization needs to consider implementing.
- FIDO: Simpler, More Secure Passwordless Logins
The FIDO protocols are designed to balance usability with security. Users prove their identity through a simple action at log in, such as swiping a finger, entering a PIN, speaking into a microphone, inserting a second-factor device or pressing a button. Behind the scenes, the FIDO protocols use standard public key cryptography techniques to provide stronger authentication.
The FIDO Alliance currently has published three sets of specifications for simpler, stronger authentication: FIDO Universal Second Factor (FIDO U2F), FIDO Universal Authentication Framework (FIDO UAF) and FIDO2. FIDO2 includes the W3C’s Web Authentication (WebAuthn) specification and FIDO Client to Authenticator Protocol (CTAP). The specifications are open and free for global use.
MorganFranklin will assist an organization in building a business case, purchasing and implementing FIDO Authentication for simpler, more secure passwordless logins.
Multi-factor authentication (MFA) is essential to enterprise cybersecurity and compliance with a number of regulations. MorganFranklin can help with the selection and implementation of a number of MFA solutions, including offerings from:
- RSA: RSA is an industry leader in MFA, with a variety of solutions for tokenization and additional authentication factors. RSA offers integration with both on-premises and cloud-based deployments.
- Gemalto: Gemalto offers a limited set of additional factors for securing on-premises and cloud-based infrastructure.
- Symantec: Symantec offers MFA solutions for both on-premises and the cloud. It is an industry leader in MFA but requires additional modules for integration and has a unique cost model.