You are unique in this world, with an identity that no other person has. But sometimes you are called upon to verify your identity in order to access certain services. An identification card may be required for you to cash a check, pick up a prescription, or enter a secure building. In the IT world, identity and access management (IAM) is a discipline that determines your eligibility to access a secure computing environment. You are often called upon to convince a remote server that you are who you say you are. Two common methods for online identity verification are multifactor authentication (MFA) and single sign-on (SSO).
Strong Passwords Are Not Enough
You may have read about the importance of choosing passwords that cannot be easily cracked. It’s very important to have a good password policy that includes requirements for creating strong passwords. But despite your best intentions, using passwords alone to protect your sensitive data can make you vulnerable in several ways. In August 2013 every single Yahoo account was hacked, totalling 3 billion users. Along with theft of account databases, your company passwords may be subject to compromise through social engineering, phishing, or some other clever tool of cyber criminals. You need more than just passwords to secure access to your data. You need MFA.
What Is Multifactor Authentication (MFA)?
In computing terms, authentication is a means of confirming a user’s identity to grant them access to a secure computing environment. Multifactor authentication requires the use of two or more ways to confirm that you are who you say you are when you try to log in. Factors can include:
- Something the user knows
- Something the user has
- Something the user is
One very common method of MFA involves the use of a secure code. Many websites now send a secure code as a text to your smartphone so that you can further validate your identity after you log in with your password. This method uses something you know (your password) as well as something you have (your smartphone) to authenticate you to the website. Another common form of MFA is an app on your phone that generates secure codes to enter after your password.
Why You Need MFA
The addition of an authentication factor in the login process means that your access is that much more secure. In this age of cybercrime, you need all the security you can muster. Password-only access involves a single factor (something you know) that is insufficient today. MFA increases the difficulty and complexity required for hackers to compromise your account.
What Is Single Sign-On (SSO)?
The average user may have login access to dozens of web applications, each requiring a separate user ID and password. To simplify access to so many different services, many application providers are allowing their websites to be accessed with a single authentication process, known as single sign-on. It’s like having one key that opens more than one lock. One good example is Office 365. With a single sign-on to Office 365, you are immediately signed on to multiple 365 services, such as Teams, Word and Excel, and Outlook.
Why Use SSO?
Setting up a single login can be an advantage for businesses. Rather than creating login access for each of an organization's services and databases, an IT department that uses SSO only has to create one login process for the user to access everything. Of course, that single login should be a very secure method, employing strong passwords and multifactor authentication. But in the long run, SSO will require less work from the IT department and will provide greater security through enforcement of complex passwords that require a secondary authentication.
For the user, SSO offers a significant advantage. Rather than creating and remembering a whole host of passwords and login processes, the user will only have to log in once. This can save time and increase productivity.
Given the increasing threat of cyber-attack, it’s important to have robust and reliable methods for identity and access management. Multifactor authentication substantially increases access security by requiring more than one method for identifying yourself on the internet. Single sign-on also increases security by limiting the cyber-attack surface through reduction of the number of logins. SSO also makes administration and use easier for both the IT support professional and the user. Every business would do well to consider integrating these access methods into their IT systems.