Successfully reported this slideshow.
Your SlideShare is downloading. ×

Secure authentication in the age of remote working - MFA

Secure authentication in the age of remote working - MFA

Download to read offline

Full details on these slides is published on my website at below link:
https://trustbeyondauth.com/2020/08/13/secure-authentication-in-age-of-remote-working-introduction-to-mfa/

This slide is to bring awareness on securing the authentication during the age of remote working due to current lockdown situations and bringing MFA in place for having more secured work place.

Full details on these slides is published on my website at below link:
https://trustbeyondauth.com/2020/08/13/secure-authentication-in-age-of-remote-working-introduction-to-mfa/

This slide is to bring awareness on securing the authentication during the age of remote working due to current lockdown situations and bringing MFA in place for having more secured work place.

Advertisement
Advertisement

More Related Content

Advertisement

Secure authentication in the age of remote working - MFA

  1. 1. Secure Authentication in the Age of Remote Working – An Awareness Yusuf Khan – Digital Identity Architect Jul 2020
  2. 2. No longer privilege ..but a forced alternative for business continuity
  3. 3. Increased risks with this sudden shift Phishing – Email Scams /SMS Scams Business continuity vs security Weak security practices/controls Attacks on remote working infra Malicious insider Home Wi-fi security – E.g. Weaker protocols WEP instead of WPA-2
  4. 4. According to Barracuda Networks. by over 600% since the end of February
  5. 5. Recent Attacks During Covid DocuSign scam - June 2020 WordPress Admin – July 2020 Fine fear UK Gov scam – Apr 2020Tesco Voucher scam – May 2020 Microsoft Office 365 spear phishing – May 2020 *Full details of above attacks : https://www.itgovernance.co.uk/blog/category/catches-of-the-month
  6. 6. BYOD Organization devices Organization Managed devices Secured over VPN How some organizations managing/securing remote working conditions? IT systems secured with organization issued credentials and IT security IT systems secured with organization issued credentials and IT security Level : Zero Level : Low Level : Medium NoMFA+SSOSolutioninplaceinall
  7. 7. In Verizon’s “2019 Data Breach Investigation Report” (DBIR), data showed that passwords caused 81% of data breaches over the past few years. Based on an article by TechRepublic, larger companies that are using SSO and MFA, the average employee needs to maintain around 25 passwords. Without MFA and SSO, employees may have to deal with as many as 85 different passwords. Verizon report on breaches without MFA and SSO
  8. 8. Tie them together SSO Solution (And its not new) - Provide credentials once - SSO between on premise and cloud solution - SSO to web and enterprise applications plus VDI and SaaS applications. MFA Solution (And its also not new) - Additional factor to verify identity - SMS TOTP, Authenticators, FIDO2 - Biometric verification Next step : Intelligence Adaptive MFA, Behavioral Analysis So what is MFA and SSO solution?
  9. 9. How to Enable MFA? • Identify systems/components • Raise awareness and communicate • Execution plan and engage IT and information security. • Identify target user phased rollout • Support enrollment and usage of MFA initial phases • Monitor and test feedback/results - KPIs • Depending on above results go for Gradual/Full rollout
  10. 10. Is MFA Vulnerable? • Social Engineering • Bad design and/or implementation AWARENESS IS THE KEY Answer is Yes. But risks are still less . Here are some major failure reasons
  11. 11. Thank You Write to me for any queries : Email : ykhan.mca@gmail.com

×