Security News > 2021 > August > Not all authentication is created equal – and that’s a good thing
According to Bethlehem, the first problem is that organisations have built up a complex authentication fabric made up of accounts, passwords, and various identity validation methods, often weakly managed in a way that leads to gaps and inconsistencies.
Enforcing multi-factor authentication across the board is a minimum these days, but there are a range of issues organisations need to consider when jumping, advises Bethlehem.
"If a user leaves the organisation, there should be an automatic workflow that notifies the authentication system so that the user's authentication is revoked."
Undoubtedly, a mixture of security monitoring, identity management and authentication are the best answers most security designers can come up with today.
"Ultimately, given the number of apps that users need to log into on a daily basis, and the increasing aggressiveness and sophistication of cyberattacks, organisations would do well to adopt an authentication everywhere approach."
"Because user authentication needs are complex, this cannot be one size fits all. Organisations need to be able to implement different types of authentication - contextual, push, hardware - so assets are always protected at the point of access while at the same time ensuring a convenient login experience."