Cookies help us display personalized product recommendations and ensure you have great shopping experience.

Best PracticesData ManagementPrivacySecurity

A Quick Tech Tutorial: Two-Factor Authentication

onlinetech
onlinetech
3 Min Read

Two-factor authentication is a best practice to fulfill authorization and authentication requirements for HIPAA compliance or PCI DSS compliance and can protect your data and business.  To gain a better understanding, Online Tech’s Technical Team shares this quick tech tutorial on two-factor authentication.

Two-Factor Authentication

Two-factor authentication is a best practice to fulfill authorization and authentication requirements for HIPAA compliance or PCI DSS compliance and can protect your data and business.  To gain a better understanding, Online Tech’s Technical Team shares this quick tech tutorial on two-factor authentication.

Two-Factor Authentication

More Read

December 2011 issue of the R Journal: An overview
Operational Analytics Adds Up
Facebook’s ThreatExchange to Help Cyber Security Experts Coordinate Their Efforts Against Hackers
From Data Ownership to Data Usage: How Consumers Will Monetize Their Personal Data
Why Is Data Loss Prevention is Crucial for Business?

Q:  What is two-factor authentication?
A:  Two-factor authentication goes beyond using a user name and password.  It puts a new piece of technology in the mix for better security.

Q: How does two-factor authentication work differently than logging in with a normal user name and password?
A:  Here is an example of how two-factor authentication works.  You have a user requesting access to a system. That user is going to authenticate through a firewall.  It’s going to hit a domain controller to make sure that’s a valid user. Then, it is going to send it to a cell phone and on that cell phone it is going to say approve or deny access.

Once that cell phone sends it to the firewall permission is granted and the person has VPN access. If they don’t have a valid user name, password, or the cell phone setup correctly; they will not get access to the system.

This puts a high level of security into an environment.  So, in this example the cell phone becomes the second factor of authentication and the user name and password being the primary.

Q: Who Should be Using Two-Factor Authentication?
A:  Two-factor authentication is a requirement for PCI compliance. The PCI requirement 8.3 states:

Incorporate two-factor authentication for remote access (network-level access originating from outside the network) to the network by employees, administrators, and third parties. (For example, remote authentication and dial-in service (RADIUS) with tokens; or other technologies that facilitate two-factor authentication).

Anyone with PCI needs to have two-factor authentication.  It would be great idea for businesses that have medical records or social security numbers.  Anyone with sensitive data should be using two-factor authentication in their VPN.

TAGGED:
Share This Article

Follow us on Facebook

Latest News

street address database
Why Data-Driven Companies Rely on Accurate Street Address Databases
Big Data Exclusive
predictive analytics risk management
How Predictive Analytics Is Redefining Risk Management Across Industries
Analytics Exclusive Predictive Analytics
data analytics and gold trading
Data Analytics and the New Era of Gold Trading
Analytics Big Data Exclusive
student learning AI
Advanced Degrees Still Matter in an AI-Driven Job Market
Artificial Intelligence Exclusive

Stay Connected

You Might also Like