According to the Bitglass 2018 BYOD Report, 51 percent of 400 surveyed IT experts say mobile device threats have increased, but only 30 percent feel they are correctly guarding against them. That’s a big problem for sectors like healthcare, finance, and government that are turning to multi-factor authentication solutions to secure data access in the mobile age.
Multi-factor authentication is widely seen as the most viable approach to user access security across these and other sectors. Despite its many benefits, a centralized approach to roll-out has proven to be a challenge for IT teams and end users for several reasons. First off, all multi-factor authentication methods are not created equal nor do they use the same form factors and application methods.
Depending on the form factor and implementation method, MFA can get pushback from the workforce, IT teams, and those that must contain costs in an enterprise. Each group has the following concerns:
• Workforce fears of inconvenience and user friction for system, applications, databases, mobile devices, and desktops
• Technical implementation and management complexity by IT and system administrators
• Unrestrained implementation, rollout, and ongoing management costs of the systems
A perfect example of challenges with standalone MFA solutions is remote access to the email exchange server where security concerns are an ever-present issue. Traditional VPNs fall short of the data-in-transit security needs for PHI, PII and other sensitive data that must flow beyond the safety of the network.
Here is where exchange online multi-factor authentication becomes a dual challenge for enterprises. On the one hand, end users, IT personnel, and exchange administrators must deal with constant VPN access permission sign on and possible data in transit security challenges posed by traditional VPN. Traditional VPNs also put data at risk by transporting data between the network and the device.
Healthcare, finance, and government entities are continually dealing with staffing changes and contractors that will need temporary access to a wide variety of systems and applications. This makes for a great deal of work for IT teams and system administrators that must track and manage those access permissions cycles. The best way to address these challenges collectively is via a single adaptable form factor that can deliver an ideal UX and broad integration capabilities while providing trusted security and cost-effectiveness.
Fragmented identities and decentralized apps pose broad security risks and enforcement issues for Software as a Service (SaaS), cloud, and on-premises applications. The constant challenge of identity sprawl can mean that users are routinely shut out due to changing access needs. They also can experience access delays that make them frustrated advocates against some cumbersome multi-factor authentication solutions.
The age of the mobile workforce and BYOD is here to stay so the workforce must have secure remote access to network systems and applications wherever they may be in the world. This puts a spotlight on multi-factor authentication methods and implementation, which makes the concept of a traditional centralized system more problematic.
Overcoming these challenges requires enterprises and organizations to find an MFA solution that has the following qualities:
• A holistic approach to validating users and devices.
• A single method of access that is easily adaptable to access permission trees
• Ensures that data never leaves the network or resides on the device
These aspects have a profound effect on application access that requires highly specific user needs and those that have broad use but requires many security, monitoring, and management functions. The ability to safely and quickly administrate exchange online multi-factor authentication across Office 365 and email exchanges is just one example of the latter.
The overall goal for an enterprise is to choose a solution that makes centralized MFA flexible, simple, cost-effective, efficient, and adaptable (anywhere anytime access). When these solutions integrate with broader security and device management approaches, meeting changing access and security needs across financial, healthcare, and government entities are achievable.