User permissions and two factor authentication are essential components of a solid security infrastructure. They can reduce the chance of insider threats or accidental data breaches and help ensure regulatory compliance.

Two-factor authentication (2FA) requires a user to enter credentials from two distinct categories to be able to log into an account. This could be something the user is familiar with (passwords PIN codes, passwords and security questions) or something they have (one-time verification code sent to their mobile, or an authenticator application) or something they ARE (fingerprints face, fingerprints, or retinal scan).

Most often, 2FA is a subset of Multi-Factor Authentication (MFA) which has many more elements than two. MFA is usually a requirement in certain industries, including healthcare (because of stringent HIPAA regulations), ecommerce and banking. The COVID-19 epidemic has given new urgency to security for companies that require two-factor authentication for remote workers.

Enterprises are living entities and their security infrastructures are constantly changing. New access points are introduced every day, users are assigned roles, hardware capabilities develop and complex systems reach the fingertips of everyday users. It’s crucial to constantly review your two-factor authentication plan regularly to make sure that it is able to keep up with these changes. One way to do this is through adaptive authentication which is a kind of contextual authentication article that will trigger policies based on how the login request comes in. Duo offers an administrator dashboard that lets you easily monitor and set these types of policies.