Introduction to Multifactor Authentication
Why do companies need Multifactor Authentication
Every day, the threat of ransomware attacks increase in frequency, sophistication, and effectiveness. Victims of ransomware attacks can be blocked from data, applications, and systems – making an organization unable to function.
Credential compromise is the leading cause of ransomware attacks, because credentials give hackers the access they need to hold your systems hostage. Unfortunately, credentials can be stolen, shared, bought or hacked. Once the hackers gain entry, the threat actors will often look to compromise privileged access credentials to further infiltrate your network and steal sensitive data.
What is Multifactor Authentication
Multifactor authorization ensures that the access credentials presented belong to the actual person. After logging in to the system, when a user tries to access a CipherTrust Transparent Encryption GuardPoint, it triggers a second factor authorization to verify the user with a second form of authentication, like sending a passcode to the users's registered cell phone, that they then have to input into the application.
How does Multifactor Authentication work
The following diagram explains how Multifactor Authentication operates in a CipherTrust Transparent Encryption environment.
Step | Description |
---|---|
1 | Multifactor Authentication is triggered when a user tries to access a file in a GuardPoint. NOTE: Multifactor Authentication is only enforced when a file, in a GuardPoint, is first accessed by the user. Multifactor Authentication is not enforced during IO activity, (read/write requests). Therefore, if the file has already been opened by a user/application, Multifactor Authentication will not be enforced on that file. |
2 | CipherTrust Transparent Encryption sends a message to the Multifactor Authentication provider to verify the user. |
3 | Multifactor Authentication provider sends a verification request to the user's registered device. |
4 | Multifactor Authentication provider confirms/denies user access. |
5 | If confirmed, user has access to the GuardPoint based on the CipherTrust Transparent Encryption access policy. If denied, user does not gain access to the GuardPoint. |
For more information on Multifactor Authentication, see Multifactor Authentication.