guide

Ultimate Guide to

Multi-factor Authentication

1 - Make Sure Your Users Are Who They Say They Are

2 - Deconstructing MFA: Evolution, Authentication Factors, & More

3 - Benefits of Adaptive MFA

4 - Use Cases for Adaptive MFA

5 - How Adaptive MFA Works

6 - Improve Security & Experience with Adaptive MFA

4 - Use Cases for Adaptive MFA

Adaptive MFA is ideal when your use cases have expanded outside the traditional firewall to include both managed and unmanaged devices, as well as on-premises and cloud apps. As digital transformation and other modernization initiatives require that you provide increased access to confidential information, you need a more sophisticated approach to authentication.

 

Of course, this is the new reality for most if not all organizations, so adaptive MFA is often applicable across the user spectrum—from your workforce to your customers to your partners—and a range of industry verticals. 

 

Workforce: Improved Security & Productivity

It’s an understatement to say that managing access for today’s workforce is more complex than it used to be. Beyond typical employees, many organizations must extend access to other workforce-related users, including independent contractors, subcontractors, franchisees and the list goes on. Adding to this complexity, employees and other “internal users” are often externally located, making the focus on perimeter-based security a relic of the past. 

 

Adaptive MFA makes it easier to extend secure access to these users by allowing them to access resources from any location and any device, as well as gain access to all applications and APIs, whether on-premises, SaaS-delivered or in public or private clouds. By enabling access from anywhere, adaptive MFA allows your users to work from anywhere—and be more productive. And because it’s adaptive based on context, legitimate users exhibiting typical behaviors gain quicker and easier access to resources, improving productivity and experience. 

 

Because remote workforce access was the primary driver for MFA adoption in the enterprise, out-of-the-box integration with popular VPN solutions remains a common requirement. But many of today’s enterprise resources are hosted outside of the firewall, and the proliferation of stolen credentials as an attack vector is driving CISO-level initiatives to implement MFA everywhere. 

 

Everywhere is a broad term, but enterprise considerations should include common and emerging use cases, and the out-of-the-box integrations that coincide with faster time to value. You can use modern MFA to protect traditional web applications, as well as additional resources and the channels used to access them, like:

  • VPN access

  • Web SSO

  • Remote desktop

  • Privileged access

  • Workstation and network login

 

learn more about improving usability and productivity with MFA

Customers: Better Experience

Regardless of whether you’re a household brand name or a B2B provider, your customers want to interact with your organization online and across multiple channels. In response, you must provide the secure access and consistent experiences they’ve come to expect. If the authentication process is inconsistent, inconvenient or overly persistent, your customers can become frustrated and opt out.

 

Adaptive MFA as part of a customer identity and access management (IAM) approach provides a consistent and strong authentication experience regardless of the channel customers use to interact with your business. You can set policies to require second authentication factors (such as SMS or biometrics on a mobile device) based on an assessment of contextual or transactional risks. You can also integrate MFA functionality directly into your own customer-facing mobile app. Embedding adaptive MFA into your existing mobile application can further increase both convenience and security for customers.

 

Typical use cases for customer MFA include:

  • Password resets

  • Device authorization and management

  • Website sign-on

  • Transaction approval

  • Passwordless authentication

  • Identity confirmation

 

learn more about streamlining customer experience with MFA

Partners: Secure Access

Providing access to partners is yet another reality for many organizations. But between managing varying levels of access and accommodating your partners’ identity and access management (IAM) capabilities, enabling that access securely and conveniently can feel like a tall if not impossible order. What’s more, you don’t have access to HR information to guide the enabling and disabling of access privileges, leaving the potential for a former partner employee to maintain access to your resources. 

 

Like with other uses case, adaptive MFA allows you to set and enforce policies to address the diverse requirements of providing partner access. When you implement adaptive MFA for partners in combination with single sign-on (SSO), you can also streamline partner onboarding, while eliminating the headaches of managing partner password resets and avoiding the risks of managing partner identities.

 

 

learn more about partner IAM with MFA

Federation: Connect Any User on Any Device to Any Application

Today’s modern enterprises serve multiple different identity types, from workforce to customers to partners. This complex ecosystem is most effectively managed by identity federation, which provides a bridge to connect all of those different user identities in one place and reduces your administrative overhead. A versatile federation solution can solve your current and future identity management challenges. As your organization evolves to allow more users to securely access the applications they need, a single authentication authority will be essential.

 

learn more about federation

Industry Applications for Adaptive MFA

Adaptive MFA provides advantages for a number of industry verticals, including but not limited to financial services, retail and healthcare. 

 

  • Financial Services

    Protect High-Risk Scenarios & Achieve Regulatory Compliance

    As the keepers of such valuable information as social security numbers, online banking credentials, financial account info, mortgage terms and insurance details, financial services organizations are a prime target for hackers. But customers still want to be able to access their accounts and make transactions quickly and easily.

     

    Adaptive MFA is a perfect fit for the financial industry, providing a comfortable sense of security for customers in high-risk situations like during high-value transactions or large-volume transfers, while allowing low-risk activities to continue without interruption.


    Strong multi-factor authentication also helps financial organizations satisfy regulatory requirements like Open Banking in the UK, Europe and Australia, which opens third-party access to consumer data in a secure manner, and New York’s 23 NYCRR 500, which addresses the heightened risk of cybersecurity threats in the financial services industry.

    learn more
  • Retail

    Provide Frictionless & Consistent Customer Experiences

    As retail becomes increasingly cutthroat (often called the Amazon Effect), retailers are looking to digital innovation to maintain a competitive advantage. New retail channels and digital properties provide new ways to gain customer affinity and loyalty. But they also require more security. While MFA can provide the security retailers need, it traditionally added friction to the customer experience. And nothing will kill competitive advantage quicker.

     

    MFA is your best defense against compromised customer credentials. It’s even required in regulatory requirements such as PCI DSS. But beyond security, modern MFA also realizes that you can’t prioritize security over customer experience. Adaptive MFA enables you to strike the perfect balance and ensure secure, convenient and seamless customer transactions. 

     

    learn more
  • Healthcare

    Improve Experience without Compromising Security

    To differentiate themselves, market leading healthcare organizations are investing in improved experiences across their networks. But as updated facilities and patient personalization become table stakes, payers and providers must seek out unique ways to delight their patients and members across the spectrum of care. 

     

    Whether they’re ordering a no-foam triple grande latte or seeking a dermatologist to do a skin-cancer exam, today’s consumers have high expectations about the convenience and consistency of their digital interactions. In addition to securing PII and PHI, modern MFA allows you to improve healthcare experience by offering modernized communication methods, convenient ways to verify identity, improved access to online resources and the ability to quickly provide health data access to third parties. 

     

    learn more
chapter 5