Multi-Factor Authentication

Overview

Whenever employees access company data or a specific company service, the company faces the difficulty of identifying the requester with certainty, so that a leak or loss of company credentials does not turn into a leak or loss of information.

In this context, the European GDPR legislation requires the company to manage the corporate digital identities of its staff as efficiently and responsibly as possible.

Solution

Multi-Factor Authentication (MFA) is an authentication method that requires more than one verification method, adding a second level of security to user logins and transactions. It offers one of the following as the second authentication factor:

  • Telephone call: a call is made to the telephone registered for the user;
  • Text message (SMS): an SMS containing a PIN code to be entered during the authentication process is sent to the user’s mobile phone;
  • Notification via Mobile App: a verification request is sent to the user’s smartphone via the Mobile App;
  • Verification code via Mobile App: a code is generated every 30 seconds in the Mobile App on the user’s smartphone. The user must enter the most recent code when authenticating.

Requirements

The minimum license required is Azure Active Directory Premium P1 (also included in Microsoft Enterprise Mobility + Security E3).

Benefits

An additional level of security is provided to the user account login process.

Passwords are, in fact, often hacked. Weak ones are easy both to remember and to guess, while more complex ones are hard to guess but also hard to remember.

Partly for these reasons, users often reuse the same password across different accounts, implicitly making the work of hackers easier.

Two-factor authentication hinders the work of hackers, forcing them to identify the “second factor” as well.