As discussed in our last post, adopting a strong multi-factor authentication solution in defense of cyber attacks is sound business advice. But what are the key criteria when evaluating the wide range of authentication solutions on the market? It is clear that not all solutions are created equal and not all enterprises have the same rigid requirements.
Let’s look at the final few categories that warrant consideration when evaluating an authentication solution for your business:
As businesses grow, their IT systems need to scale to support increased workloads while maintaining expected performance levels. Yet, despite its importance, scalability is poorly understood. Simply put, scalability is a measure of a system’s ability to provide increased throughput, reduced response time and/or support more users when hardware resources are added.
Be sure not to confuse the words performance and scalability, as some vendors will use them interchangeably. They are distinct: performance measures the speed with which a single request can be executed, while scalability measures the ability to maintain performance under increasing load.
The modern enterprise consists not only of internal constituents, but an expanding list of third-party vendors, service providers, suppliers and independent consultants. To enhance business agility, these third-parties have been integrated into the enterprise network, but in the process have become one of its biggest security exposures. Strong authentication solutions need to easily adapt to include partner access controls using the same methods deployed inside the enterprise network.
Security threats to the enterprise network are continuously evolving. Cyber criminals don’t give up and go home when security countermeasures are brought online. Instead, they adapt to enterprise security systems, searching for and finding new exposures to exploit. Always ask vendors to show how their product has evolved and provide a future roadmap as well. This is the best way to evaluate their agility and responsiveness to emerging threats and ultimately, their viability as a security vendor.
Just as the security landscape is constantly morphing, the authentication needs of organizations change too. Strong authentication solutions need to provide flexible deployment models and allow IT security administrators to change the mix and types of authentication factors quickly and efficiently as the need arises.
The age of mobility is upon us. This is nowhere more apparent than in the global dispersion of enterprise workers. Strong authentication solutions need to support all mobile use cases with authentication methods that are tightly integrated into their core authentication architecture.
As mentioned above, businesses are under increasing regulatory pressure requiring them to continually monitor and control access to enterprise resources based on granular policy definition. It’s not just a good idea, it’s the law. Failure to comply with governmental and industrial compliance mandates can result in crushing fines at best and criminal charges at worst.
We hope you have found this two-part posting useful as you begin your evaluation of multi-factor authentication solutions.
To learn more on what to consider, download our Multi-Factor Authentication Buyers Guide.
Chris Trytten has over two decades of technical and managerial experience in systems and security at leading companies in Silicon Valley, including positions with Crossmatch, DigitalPersona, Interlink Networks, Apple, Siemens and Amdahl. In his current position as Market Solutions Manager at Crossmatch, he is using his experience serving the Financial and Retail markets by guiding the product and market teams to address the security needs of these industries. Chris is the author of multiple security white papers and articles.