access control
qkiii123
peerreview.docx10 hours ago
UDAYKUMAR CHALAPATHY NAIDU
Discussion
COLLAPSE
窗体顶端
Question 1
Providing multi-factor authentication to the company executives alone is not the best strategy for cybersecurity. (S Bezzateev, 2018)A company should therefore implement every employee in such a strategy. Multi-factor authentication (MFA) is a protection solution that enables individuals to confirm their identities using several verification factors to get the employees' identities. It has intended to increase account security by preventing unauthorized access permission by going above the minimum degree of protection that can accomplish with just a solitary element of authentication, which is often a passcode.
Since a credential is stolen in the overwhelming bulk of cyberattacks, equipping your workers with multi-factor authentication would go a considerable distance against preventing malicious thieves from entering into the company system. Theft of login details is perhaps the greatest prevalent technique for cybercriminals to gain access to corporate systems. Whether the primary objective is to retrieve passwords, execute a cyberattack, or engage in any other version of computer crimes, the threats pose a significant threat to businesses of all sizes. However, there is one item that internet security groups can do to assist secure the connectivity and its clients from malicious hackers. Multi-factor authentication should be available to 100% of the persons who access business system 100% of the period." (D Dasgupta, 2017) Multi-factor authentication essentially compels the individual to authenticate it was indeed actually themselves that attempted to enter into his profile, improves protection in two different ways. Firstly, unless a digital thief has the right login information; it becomes much more challenging for them to get into an organization. Secondly, if multi-factor authentication prevents a connection session that was not initiated by the owner, it indicates possibly anomalous behavior and therefore can function as a warning sign of malicious hackers seeking to penetrate the organization.
Question 2
Of course, having a multifactor authentication for some applications is secure for information management. Multifactor authentication (MFA) can be configured at the application level. By adding multi-factor authentication (MFA) to an application, users offer an extra layer of protection to that app. (Bissada, 2017)to connect directly, the business consumers that designate it to should react to strong verification parameters. If business consumers haven't yet completed so, they will be requested to establish their supplementary validation credentials for the independent variables you selected the very next moment they try to start an application with app-level Authentication. If SMS is a set as an extra component, for instance, individual users must supply contact information where they may get Sms messages. This will keep the employees updated on what is going on and the information of the company will indeed be secure with this type of multifactor authentication strategy.
References
Bissada, A. (2017). Mobile multi-factor authentication.
D Dasgupta. (2017). Multi-factor authentication. Advances in User Authentication.
S Bezzateev. (2018). Multi-factor authentication: A survey.
窗体底端
20 hours ago
Pratap Raju Nandyala
discussion
COLLAPSE
窗体顶端
Do you agree that deploying MFA only to executive is a secure approach to access management? Why or why not?
The way of implementing the multi factor authentication methodology is completely depend upon the type of the information that was stored in an application. For an instance in any banking process most of the banking profile should follow the multi factor authentication method because it's a listing of the one-time password transaction system and it contains a password as it also includes a profile password that can make sure that the detail in the first step to be provided by the user and not by any cyber attacker. The IT companies it is not mandatory to implement the multi factor authentication protocol in all the users ID's. The reason behind this was the executive ID’s are very important portal and they can also consisting of certain important information with respect to the company and in the marketing process it can also lead to the economic loss and they should be secured by using the multi factor authentication protocols. The main ideology of the MFA protocol is to make sure that there is a decreasing in the possibility of the successful cyber attack as that was implemented in a two-step procedure that is the user verification process as before they can approve the access to the information. At present the companies are moving towards the cloud computing system and they should wait to the users also include the executive to follow all the multi factor authentication protocols in order to make sure all the security aspects (Rusdan, 2020).
Multi-factor authentication is actually one of the best approaches that can be utilized by all the companies or that the data or the information cannot be used by any other people. This type of approach would always be helpful for the companies in order to maintain the information to the people with some limitations of the company and when someone new people those who want to access later then there is a requirement to utilize the verification code or they can take the approval from the users who are authorized. Also there were some of the companies that can allow the MFA to the executive only so that they can also able to manage the cost and also the can thought that the data can be protected as if they can main the users to be authorized. Moreover it is also a correct procedure of making it because there was a lot of the information can be done from any level as the data close to each and every person of the company. The MFA should also be used for all the members of the company in order to give the best results (Chen, & Lee, 2014).
It is also stated that there are some type of applications only they can require these MFA but that is not at all true because the data that was used by the company is also secured in the devices and there are different kind of hackers that always try to attack some type of applications that cannot the using the MFA and hence it is also not safe for the data. This is one of the best type of approach as if any company was using either of them and they can also help the data to be secure and there was no other ways to left and to lose the information. The best way is MFA can make the data to be very safe from the hands of the attackers and this can also helps in restricting access from the data only for the people having certain limitations as it can give the access of the data (Gill, & Jones, 2016).
Do you agree that requiring MFA for only some applications, regardless of user type, is a secure approach to access management? Why or why not?
It is not true that a type of secured approach that can access management is maintaining by using the multi factor authentication only in case of some of the applications without regarding the user type. For all the types of the uses that can be various kinds of the multi factor authentication protocols. For an instance , in any specific banking portal if the user has need only to see the banking transactions and not to make any type of online transaction when the user can only be used with the two step authentication protocol in which there was the username and also the one-time password that can be needed to see the transaction. On the other way is the user also need to see the transaction and also to perform certain transactions in the portal should be developed wait a password for the transaction and that should be asked only when the user was confirmed about the initiation of the transaction. Also there are three main factors of the authentication that cancel an approved for the user like possession, knowledge and also inherence. The process of multi factor authentication is quite different from the multi step verification as the multi step verification is actually difficult the process for the multi factor authentication is very simple process. It is also defined as a type of the identity access management protocol that can be very helpful to secure the passwords with one or more ways of the identification (Hong, 2015).
References
Chen, C., & Lee, C. (2014). A two-factor authentication scheme with anonymity for multi-server environments. Security And Communication Networks, 8(8), 1608-1625. doi: 10.1002/sec.1109
Gill, G., & Jones, J. (2016). MULTI-FACTOR AUTHENTICATION AT JAGGED PEAK. Muma Case Review, 1, 001-016. doi: 10.28945/3557
Hong, S. (2015). Multi-factor User Authentication on Group Communication. Indian Journal Of Science And Technology, 8(15). doi: 10.17485/ijst/2015/v8i15/72941
Neware, R., Shrawankar, U., Mangulkar, P., & Khune, S. (2020). Review on Multi-Factor Authentication (MFA) Sources and Operation Challenges. International Journal Of Smart Security Technologies, 7(2), 62-76. doi: 10.4018/ijsst.2020070104
Rusdan, M. (2020). Designing of User Authentication Based on Multi-factor Authentication on Wireless Networks. Journal Of Advanced Research In Dynamical And Control Systems, 12(1), 201-209. doi: 10.5373/jardcs/v12i1/20201030
窗体底端
