Standard password-based accounts are open to many exploits including phishing, brute force dictionary attacks, and man-in-the-middle attacks. Multi-factor authentication has become table stakes for protecting users and applications in the cloud. But although its relatively easy to buy a multi-factor authentication solution, customers often struggle to match the solution to the right use cases, integrate it with single-sign on, and gain acceptance from end users or business application developers. Without preparation to align the solution to the environment, multi-factor authentication is less effective.
Our Multi-Factor Authentication Project Accelerator engagement:
- Rapidly reviews your business drivers, existing identity infrastructure, enterprise applications, core platform infrastructure
- Identifies authentication use cases for in-scope user populations, such as employees and contractors, consumers, customers, partners, and suppliers
- Develops a Multi-Factor Authentication Alternatives presentation targeted to your stakeholders, summarizing requirements, and identifying alternative solutions for each use case.
- Collects feedback on the Multi-Factor Alternatives presentation
- Delivers Multi-Factor Authentication Roadmap Presentation
Alternatives to be considered include combinations of multi-factor authentication and SSO services (such as identity bridges or federation services). We will explain the advantages and disadvantages of leading vendors such as Duo (now acquired by Cisco), Yubico, Microsoft, Okta, Ping Identity, ForgeRock, and others in your enterprise context.
The goal of the engagement is to rapidly generate an authentication roadmap that will prepare your organization to immediately begin multi-factor authentication product or service acquisition, deployment, and rollout. Depending on the size of the organization, number of locations, and availability of resources, we can typically complete the project in two-to-four weeks.
At the conclusion of the engagement, we provide your organization with:
- An understanding of your authentication use cases and requirements.
- A risk-informed action plan with clear instructions on where to focus in the next 30-60-90 days.
- Clearly articulated success criteria for each action in the plan so your multi-factor authentication team knows exactly when each action has been successfully completed.
Would you like to learn how a Multi-Factor Authentication Accelerator engagement could help your organization generate a quick win for access risk reduction?