Authentication solutions have been around for years. I actually started my cyber career working on one of the original and best two-factor (2FA) products – SecurID. Over the decades, the tech we use, the way we communicate and connect, and the threats we face have changed dramatically. So has authentication.
2FA is now MFA – going from two- to multi-factor authentication. Biometrics have vastly improved from thumb print authentication to facial recognition. I can’t even imagine using my thumb to open my iPhone anymore! There are also new authentication tools specifically built to address certain populations of users like CyberArk, which does everything from managing credentials to enforcing least privilege to monitoring and recording all privileged user activities.
How effective are these newer authentication techniques? Here’s what the three key stakeholders in any endpoint security landscape think.
Sophisticated attackers aren’t usually put off by strong authentication. These technologies, while much improved, aren’t revolutionary and haven’t stopped attackers from successfully breaching organizations. They can seriously slow down attackers, though. Credential theft becomes significantly more challenging, but not impossible, thanks to @gentilkiwi for writing mimikatz. Plus, the proliferation of single sign on (SSO) makes life easier for attackers. Once an attacker is in, they just need to simply wait for the user to authenticate and then can interact on his/her behalf.
Users feel strong authentication isn’t overly burdensome. If we group passwords into the equation, it’s a different story. I don’t know a single person who “likes” passwords, but I know many who hate them so much that they always click on “forgot password.” On the other hand, if we focus on MFA, privileged access management (PAM), and the like, most users aren’t bothered by grabbing their phone to periodically pull up their authenticator app or enter a special code from their email when logging in. SSO has also made life easier for users so they can login once and gain access to everything that’s connected to their account.
IT admins also benefit from SSO. Instead of managing many different authentication methods and systems, authentication consolidation streamlines management tasks. Some solutions offer an app portal, too, which provides a convenient way for IT to centrally manage all users. The main drawback for IT is that it’s rare for all applications to be supported by these tools which leaves outlier systems that can’t easily be managed.
THE BOTTOM LINE ON STRONG AUTHENTICATION
Better authentication is a must-have as it mitigates the risk of one of the most common attack techniques: credential theft. But, defense in depth is always recommended because authentication can’t help against other advanced techniques including man-in-the-middle.