A secure security infrastructure is built on the user’s permissions and two-factor authentication. They reduce the chance of accidental or malicious insider threats, limit the impact of data breaches, and ensure compliance with important site regulatory requirements.

Two-factor authentication (2FA) requires a user to input credentials from two different categories to be able to log into an account. It could be something the user is familiar with (passwords, PIN codes or security questions) or something they’ve got (one-time verification code that is sent to their mobile, or an authenticator application) or something they are (fingerprints facial or retinal scan).

2FA is usually a subset of Multi-Factor Authentication which includes more than two factors. MFA is a requirement for certain industries, such as healthcare banks, ecommerce, and healthcare (due to HIPAA regulations). The COVID-19 pandemic also brought new urgency to security for organizations requiring two-factor authentication for remote workers.

Enterprises are living organisms and their security infrastructures are constantly changing. Access points are added every day, users switch roles as well as hardware capabilities change and complex systems are put in the fingers of everyday users. It’s important to regularly reevaluate your two-factor authentication process at regular intervals to ensure that it’s up to date with these changes. Adaptive authentication is one way to achieve this. It’s a type of contextual authentication that triggers policies depending on the time, location and when the login request is received. Duo offers a centralized administrator dashboard that allows you to easily manage and set the policies of these kinds.