09.9.2020

Devin Partida, Editor-in-Chief of ReHack.com, tapped Optimal IdM for her recent blog, “The Best Secure Authentication Methods for Teams Working from Home”. 

Let’s face it, work from home will continue to be the norm for some time.

The Best Secure Authentication Methods for Teams Working From Home

Due to the COVID-19 pandemic, many teams are working from home, and some will do that for the foreseeable future. That dramatic and relatively abrupt change caused many companies to think differently about things like authentication and cybersecurity.

Research published in June 2020 by IBM X-Force Red found that nearly 50% of people working from home worry about impending security threats in those new settings.

As people adjust to the new circumstances, some primary goals are to give the appropriate parties access to the resources they need to work remotely without compromising a company’s security.Here are four of the best secure authentication methods for teams working from home to help those aims happen:

1. Physiological Biometrics

Physiological biometric solutions measure a person’s physical characteristics to verify their identity. These solutions are ideal for remote workers, especially since many people may choose to get productive in coffee shops or co-working spaces if their homes are too loud or otherwise not conducive to worthwhile workdays. Public spaces make it easier for strangers to watch as a person types in their password.

Facial recognition is a biometric solution that most people already know and understand, meaning it’s easy for them to adopt. One platform for people working at home has biometric authentication and even checks for individuals in the background that may be trying to see someone’s details. Using biometrics also eliminates passwords and tokens that people may lose or forget.

2. Multifactor Authentication

The passwords people choose are often not secure enough to protect accounts from unauthorized access. That’s why multifactor authentication (MFA) is now widely used. It mandates that people fulfill more than one authentication requirement. That makes sense because it’s exponentially harder to hack two or more methods.

Users typically type their selected, long-term passwords first. Next, they receive single-use, time-sensitive passwords, often sent via email or to their phones. This approach means it’s useless to know only one authentication requirement. MFA is a smart choice for people working from home, especially since they often can select their preferred method for receiving the one-time code.

3. Single-Sign-On

Authentication and cybersecurity can both seem overwhelming to everyday users. That’s especially likely if people have dozens of passwords to remember daily. Some employees may gripe that it feels like they spend more time logging into various systems than using those resources to get work done.

These frustrations—combined with people using an ever-increasing number of passwords—made many companies adopt a single-sign-on (SSO) system. Parties get authenticated on a dedicated platform and can then access various services and interfaces without needing to log in and out of each one. This setup improves the user experience by reducing friction. Working from home can put people under new pressures. SSO ensures access is not among the new challenges.

4. Zero Trust

The foundation of the zero-trust model is that organizations must not show automatic trustworthiness to any party trying to access a network or some of its resources. Many zero-trust models utilize MFA, but they don’t stop there. For example, most employers grant least-privilege access to each user and device to minimize the attack surface. They also use endpoint detection to spot malicious events in real-time.

The Cigent Dynamic Data Defense Engine™ (D3E) offers zero-trust file-access controls that protect content from theft and ransomware. It works even when criminals bypass other preventive authentication and cybersecurity measures. Some zero-trust infrastructures have self-service and automated components that let people request access to the resources they need. Such a setup is particularly convenient for those working from home outside of regular business hours.

Companies Can Make Working from Home Safer

Authentication and cybersecurity are two topics that must be kept top-of-mind, especially at companies where all or most people work from home. These options can ensure that only authorized people get access to networks and resources, no matter where they are when requesting it.

About the Author

Devin Partida is the Editor-in-Chief of ReHack.com. She covers topics related to cybersecurity, smart tech and big data.

Tags

  • The database in which all of your organization’s sensitive identity data is stored.
  • A digital ledger in which digital transactions are recorded chronologically and publicly.
  • Securely managing customer identity and profile data, and controlling customer access to applications and services.
  • The means of linking a person's electronic identity and attributes, stored across multiple distinct identity management systems.
  • A legal framework that sets guidelines for the collection and processing of personal information of individuals within the EU.
  • The policy-based centralized orchestration of user identity management and access control.
  • An authentication infrastructure that is built, hosted and managed by a third-party service provider.
  • A security system that requires more than one method of authentication from independent categories of credentials to verify the user's identity for a login or other transaction.
  • A global provider of innovative and affordable identity access management solutions. 
  • Managing and auditing account and data access by privileged users.
  • Tools and technologies for controlling user access to critical information within an organization.
  • An authentication process that allows a user to access multiple applications with one set of login credentials.