As a well-informed security professional today, you’ve recognized the need for continuous combat against the increasingly perilous threat landscape, populated by highly skilled and persistent intruders. You’ve known that simple password protection is insufficient to protect “crown jewel” data and want to incorporate multifactor authentication (MFA) for your critical digital assets into your defenses.
So now that you recognize the need to implement multifactor authentication for your organization, where to start?
Choosing an appropriate set of access policies to fit all your target resources, across all your user populations, can be challenging given all the possible choices available. Today, there is a wide variety of password alternatives to help deter infiltration, and more are emerging. RSA SecurID Access supports many such methods across hundreds of digital resources from “ground to cloud” - basic VPN protection to latest SaaS cloud applications such as Microsoft Office365.
To help you navigate the process of selecting the most appropriate authentication methods and policies for your organization, RSA has developed a white paper which discusses RSA Security’s recommended approach for developing multifactor authentication policies for your organization. The key considerations include:
- Setting clear business goals, to guide tradeoffs between cost, convenience (usability), protection strength and implementation complexity
- Taking a phased approach to deployment - think big but start small with a limited pilot
- Assessing your user population, understanding both the risk profile of their resource access and their tolerance for authentication complexity
- Evaluating the target resources you need to protect, understanding the risk exposure of your business should they be breached
- Investigate the array of authentication methods available to you, and consider the tradeoffs between security strength, convenience, cost and administrative complexity
- Taking into account all the above, formulate your access policies, adding in context-based risk analysis to both security and convenience
- Remembering to include end user education as part of your rollout plan.
- Formulating your MFA implementation as part of a larger Identity and Access Management (IAM) strategy within your overall Enterprise Security foundation.
Please see: https://community.rsa.com/docs/DOC-97431
Furthermore, to supplement this guidance, expert assistance is available. RSA’s highly experienced Professional Services team and certified partners can help you navigate the myriad of access security choices available, following these best practices.
For more on RSA Security’s solutions and services, please visit: www.rsasecurity.com or consult with your RSA Security representative.