7 - Choosing the Right Authentication Mechanisms

How do you choose the right MFA mechanism for your environment? The following are key variables to consider.  


  • Strength: What is the appropriate level of security for protecting resources with varying levels of sensitivity


  • IT benefits: Is the authentication method easy to deploy? Will it require additional IT resources? Can it work across multiple channels (e.g., online, telephony, etc.)?


  • User benefits: Is the authentication method easy to use? Will end users accept the new process? Do your users have a device capable of supporting a particular mechanism? Will users be concerned about privacy?


  • Industry-specific benefits: Do aspects of the authentication method make it better suited for your industry or functional area? For example, if employees have to wear gloves to do their jobs, fingerprint scanning is not the best choice.


  • Initial purchase cost: Will the cost per user grow each time you add a user? What’s the replacement cost, both for the device and its associated administrative burden?


  • Deployment cost: What are the costs associated with deploying the authentication mechanism? Is client hardware or software required? If so, how is that distributed to customers and what are the associated costs?


Chapter 8