One Article Review
| Source |  CSO |
|---|---|
| Identifiant | 7408400 |
| Date de publication | 2022-10-12 02:00:00 (vue: 2022-10-12 09:05:48) |
| Titre | Top considerations when choosing a multi-factor authentication solution |
| Texte | Passwords clearly are not enough to protect networks. Any security guidance will tell you that multi-factor authentication (MFA) is a key method to keep attackers out. But what type of MFA should your firm deploy? Choosing multi-factor tokens and tools depends on your firm, your needs, and how attackers are likely to target your firm. Planning ahead will minimize deployment and migration issues when new tokens or new phones are issued.These are the most important considerations when choosing an MFA solution.Know what the MFA solution will and will not protect You have several decisions to make when deciding what MFA tool to use. First, review how the tool protects your network. Often when adding MFA to existing on-premises applications, it may not fully protect your organization from some attacks. Case in point is the recent Exchange Server zero-day attack. MFA in this situation did not protect servers. At least one victim used on-premises Exchange Server with a third-party MFA application. While it protected parts of the authentication process, it did not protect Outlook Web Access (OWA), which uses basic authentication. MFA didn't protect that part of the site, so the attackers could go around MFA and attack the servers. Consider exactly what the MFA solution you choose protects, then review what authentication processes are still exposed.To read this article in full, please click here |
| Envoyé | Oui |
| Condensat | access adding ahead any application applications are around article attack attackers attacks authentication basic but case choose choosing clearly click consider considerations could day deciding decisions deploy deployment did didn enough exactly exchange existing exposed factor firm first from full fully guidance have here how important issued issues keep key know least likely make may method mfa migration minimize most multi needs network networks new not often one organization out outlook owa part parts party passwords phones planning please point premises process processes protect protected protects read recent review security server servers several should site situation solution some target tell then these third tokens tool tools depends top type use used uses victim web what when which will your zero |
| Tags | Tool |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.