Secuilibrium, LLC
  • News
  • About
  • Contact

Multi-Factor Authentication at LASCON 2014

11/2/2014

0 Comments

 
I gave a talk at LASCON 2014 the other day titled "Multi-Factor Authentication -- Weeding out the Snake Oil". Rather than providing a catalog of selection criteria, this turned into a review of scenarios where throwing additional authentication factors at a problem might or might not make sense. Combined with examples of different solutions currently available, we discussed the types of threats to different environments where different multi-factor solutions might actually be able to help lower your risk.

The resulting message, as is often the case, was this: Even though I keep reminding my less tech-savvy friends that it is really a good idea to enable two-factor authentication for their "free" email accounts no matter what, it's not a one-fits-all solution. You need to understand what risks you are trying to control in order to determine whether multi-factor authentication, or a particular solution, is able to help you with that. Just buying an arbitrary solution that carries the label that's matching the current buzz words does not (typically) solve your issues around user authentication and data security.

The slides are on SlideShare:
0 Comments

    Author

    David Ochel is a technology risk and information security management professional.

    Archives

    January 2015
    November 2014
    June 2014
    March 2014
    February 2014
    January 2014
    December 2013
    November 2013

    Categories

    All
    27001
    Authentication
    BSides
    Byod
    Compliance
    Critical Infrastructure
    Crypto
    EMV
    Endpoint Security
    LASCON
    Mobile
    Multi-factor
    Payment Cards
    Risk
    Risk Analysis
    Risk Assessment
    Risk Management
    Security
    Security Management
    Threat Modeling
    Two-factor

    RSS Feed

© 2015 Secuilibrium, LLC » PRIVACY POLICY « info@secuilibrium.com
✕