A multi-factor authentication is a layered approach that requires users to provide two or more verification factors, such as credentials, to gain access to data and applications. If one of the credentials is compromised, the thinking goes, an unauthorised user will still be unable to meet the second authentication requirement and will be denied access to a targeted physical space, computing device, network, or database. Cybersecurity applications have long embraced the idea of MFA, which is also now more common than ever in the physical security space. We asked this week’s Expert Panel Roundtable: How does multi-factor authentication impact the security marketplace?
In today’s world, it seems we are constantly bombarded by phishing scams. If you mistakenly fall for one, someone can steal your information and gain access to sensitive data. This is why it is so important to use multi-factor authentication (MFA) anytime you log into a site with sensitive information. When accessing billing information, Social Security numbers, or even access to a camera system, the user needs to be validated from more than just one source. In our industry, unauthorised access to security systems can expose vital information, including the harvesting of password-protected sensitive video. By using MFA, the risk is significantly reduced by forcing the user to enter, at minimum, two forms of validation. A link that goes to a verified email or a code that is sent to a verified cell phone is among the required multiple steps that can effectively guard against a potential hacker.
Multi-factor authentication (MFA) is already commonly used in areas such as e-commerce and online banking precisely because it offers a superior level of protection for particularly attractive areas to criminals. This equally applies to security and safety systems, of course, which also require the highest levels of assurance regarding authentication. Organisations are looking to further improve the security of physical access and that of their databases and systems to combat cyber and physical threats and protect vulnerabilities. Authentication is particularly under the spotlight. Using MFA through a combination of technologies such as tokens/cards, biometrics, and a password/code (something you have, something you are, and something you know) inevitably makes the job of cracking security far more difficult. It will obviously dissuade all but the most determined of intruders. As attacks become more sophisticated, we will likely see MFA deployment increasing rapidly.
Multifactor authentication (MFA) provides additional layers of security by requiring multiple authentication methods to verify a user's identity. It typically combines something the user knows, such as a password; something the user has, such as a hardware security token; and who the user is, such as biometric information. Additional factors such as location and time-based authentication can add more layers of protection and are often components of zero-trust architectures. These additional layers help prevent common social engineering attacks. When considering how to secure a facility, multi-factor authentication, biometrics, or even a PIN number, can prevent unauthorised access to a secure area. MFA should be a key component of any organization’s cybersecurity and physical security strategy. While it is still a relatively new concept in the physical security industry, demand for it is increasing as more interest is placed on the cybersecurity of physical security systems.
Multi-factor authentication is not just for email accounts; it is also crucial for protecting physical assets across the enterprise. Any digital device or software solution that interfaces with the physical world to deliver physical security is dependent upon proper programming, configuration, and commands. Said another way, physical security solutions operate in the nexus between the physical and digital world and thus depend upon cybersecurity. As we have learned time and time again, MFA is a vital security control to prevent malicious exploitation of digital assets. It should be leveraged to the maximum extent possible within the organisation to secure its systems. Coupled with proper network segmentation, this is one of the best ways to protect the broader organisation from cyberattacks.
The past three years have seen the rapid adoption of remote working models and cloud-centric resources. Organisations rushed to deploy multi-factor authentication (MFA) to protect these resources, underscoring the new importance of identity to security strategy. While this new security maturity is welcome, not all MFA deployments are alike, and there is ample room for growth. Adoption may have caught on rapidly, but the industry has more work to do especially as new challenges stemming from the popularity of MFA itself. Once ubiquitous within the enterprise, users may be prompted to use MFA at every transaction leading to MFA fatigue. The ideal path forward is with an advanced MFA. Emerging standards such as Passkeys hold true potential for strong, biometric-supported authentication that can provide identity context for artificial intelligence and machine learning-based algorithms to make informed access decisions without prompting the use to deviate from their normal usage patterns.