Multi-factor authentication (MFA) has become so commoditized in the recent years that it’s easy to forget that it’s a service running on servers. And as such, that it can suffer interruptions and hacks. Recognizing this has consequences on how to pick and to use an MFA service.
In most organizations, security solutions (and in particular MFA, multi-factor authentication) are not requested by the security department or even IT, they are mandated by the risks & compliance team. Indeed, although protecting information systems against intrusions and using specific technology for that sounds obvious, very few companies deploy a protection in anticipation. They more than often delay it until they are required to – or until they are hit so badly that they nearly go out of business (giving recent examples would make this blog post considerably too long).
The odds are that you were first exposed to some form of advanced authentication as an employee when you were given a key-chain token to connect to the company VPN or webmail, or as a customer when you received a code in a short text asking you to confirm a transaction. Although these look like completely different technologies, they have exactly the same single purpose Read More
The time of the Business of Identity has arrived. From an obscure technical topic a couple of years ago, Identity and Access Management (IAM) has gained visibility from CIOs and other C-level executives. Read More