JS Business Solutions Blog
MFA Could be Improved Upon With Adaptive Authentication
We’d be the first to admit that, as much as we’d recommend that you use multi-factor authentication wherever it is available, MFA isn’t perfect. This makes the idea that an improvement to these methods is on the horizon an intriguing one. Let’s discuss what may become the new and improved standard fairly soon.
Let’s begin with a review of MFA’s biggest downside: how frustrating it can be.
Multi-Factor Authentication Admittedly Adds Obstacles
Granted, this is the point—by adding additional hurdles to clear before access to an account or data is allowed, the account or data in question is made more secure. However, if there are too many hurdles, too many obstacles for your team to clear, it will help secure your team’s accounts, but at the cost of their satisfaction and ultimately, engagement.
In addition to this, one of the most common means of multi-factor authentication is the use of a smartphone-generated code. This makes it necessary for your team members to have their phones at the ready—something that most of us have learned isn’t totally practical through experience. What if they forget their mobile devices at home, or the battery dies, or it breaks?
How do you expect them to work effectively then?
The security benefits of MFA are clear—but so is the stress that it can potentially cause.
Adaptive Authentication Can Reduce This Stress
Adaptive authentication is a new approach that some organizations have adopted. Here’s how it works:
Rather than relying on proof after proof provided by the user as a means of authentication, adaptive authentication collects different types of data, largely based on user behavior. Chances are, your workday’s processes are pretty consistent from day to day, and you’ve developed a particular way of typing and moving your mouse. Adaptive authentication examines these factors to determine whether or not a user is who they claim to be, building a profile to compare behaviors to and providing access should they match.
If something odd is detected, like an unfamiliar device trying to access your data from a new place at an unusual time, a multi-factor prompt will be requested. Otherwise, you’ll be able to access your resources with minimal friction.
By balancing security with convenience, you strike an ideal compromise that optimizes both.
This kind of approach has been embraced by various industries, and while it may not be available to the typical small-to-medium-sized business just yet, it may be something to keep in mind moving forward. For now, we’re here to help you maintain your business’ productivity and security.
Find out how we can help by giving us a call at (781) 715-1900.