Jun 01 2021

Multifactor Authentication Is a Security Must-Have, But Companies Struggle with Execution

Staff buy-in and integration challenges make MFA deployment a moving target. RSA SecurID can help.

Businesses now face a paradox: Both remote and in-office users need streamlined access to critical data assets even as attackers look for new ways to compromise the evolving digital connections that exist on-premises and in the cloud.

Multifactor authentication (MFA) offers a way to bridge the gap, but as noted by recent research, there can be challenges when it comes to user adoption and system integration. As a result, effective MFA deployment is a moving target. Hitting the mark requires streamlined access options that meet employee expectations without compromising corporate security posture.

SecurID can help your business do both.

How MFA Increases Data Security

The security threats that companies must account for continue to increase in variety, yet they all share a common compromise point: access. Consider the uptick in endpoint issues. While 70 percent of threats now infiltrate corporate systems via endpoints, these endpoints range from personal devices to business-issued laptops, unsecured home connections and cloud-based applications. In each case, access forms the impetus for malicious operations.

DISCOVER: Explore how MFA can help defend your organization.

As noted by RSA Product Marketing Consultant Murtaza Hafizji, MFA helps companies take a substantive security step forward by answering two fundamental questions: Who has access to what, and are users who they say they are? By combining something employees know, something they have and something they are — such as one-time passwords, mobile authenticator apps and biometric analysis — Hafizji says that “it’s possible to provide secure access to any application, regardless of where the application resides.”

However, this success is often tempered by companies’ struggle to encourage staff buy-in of new security operations, or the difficulties of integrating MFA solutions across on-premises, cloud-based and work-from-home environments.

How SecurID Simplifies MFA

According to Hafizji, the SecurID risk engine considers two key factors: static rules and user behavior. First, the engine looks at an organization’s policies : What are users doing, and do these actions align with existing expectations? It then assesses behavior: Are users logging in at the same time every day? Have they recently changed their passwords? Where are access requests coming from? On what devices? “The risk engine looks at static policy and considers what the user is doing,” says Hafizji. “It then conducts behavioral analysis to determine if the user is who they say they are.”

SecurID also goes beyond MFA basics with robust risk evaluation, complete customization and streamlined integration. “It’s the trusted identity platform that helps organizations tackle their most challenging identity issues,” says Hafizji, “and it now protects more than 50 million identities in 130 countries worldwide.”

SecurID is also customizable to meet specific MFA needs, he says: “Under its risk-based capabilities, you can set granular policies based on user type or any use case that fits your business. You could use an app on user phones or offer passwordless authentication with a USB key.”

Finally, Hafizji notes that SecurID can be deployed and integrated in whatever way works best for a business. “It can be 100 percent hosted in the cloud, 100 percent on-premises, using a virtual appliance or hybrid configuration, depending on your preference. It integrates with Software as a Service (SaaS), remote access, VPNs, firewalls, legacy apps, cloud-based apps, virtual desktop infrastructure (VDI) and privileged access management (PAM).”

Three Key Benefits of RSA SecurID

SecurID from RSA helps companies achieve MFA — but it also helps them manage evolving security requirements. As noted by Hafizji, SecurID offers ongoing benefits in three key areas:

  • Empowering identity assurance and access capability. "The solution is secure, scalable and reliable,” he says, “and it’s a tested ecosystem with step-by-step instructions.”
  • Ensuring a flexible approach. “If users have established a level of trust, SecurID lets them access multiple applications and services,” says Hafizji. “It can be tailored to the users and the use case.”
  • Enabling a convenient user experience. Hafizji puts it simply: “Security has to be convenient or you won’t get the right reception from users.” SecurID offers a host of authentication options to meet user needs, including tokens, key fobs, apps and push notifications, biometric device and wearables, along with support for FIDO-based authenticators.

Multifactor authentication is now critical to reducing the risk of access-based attacks, but challenges around integration and implementation can hinder rather than help these efforts at scale.

SecurID helps you succeed in these efforts.

Brought to you by:

fizkes/Getty Images

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.