Cookies help us display personalized product recommendations and ensure you have great shopping experience.

Best PracticesData ManagementPrivacySecurity

A Quick Tech Tutorial: Two-Factor Authentication

onlinetech
onlinetech
3 Min Read

Two-factor authentication is a best practice to fulfill authorization and authentication requirements for HIPAA compliance or PCI DSS compliance and can protect your data and business.  To gain a better understanding, Online Tech’s Technical Team shares this quick tech tutorial on two-factor authentication.

Two-Factor Authentication

Two-factor authentication is a best practice to fulfill authorization and authentication requirements for HIPAA compliance or PCI DSS compliance and can protect your data and business.  To gain a better understanding, Online Tech’s Technical Team shares this quick tech tutorial on two-factor authentication.

Two-Factor Authentication

More Read

Image
The Data Lake Debate: Pro Delivers First Rebuttal
The Keys to Discovery: Curiosity and Simple Tools
Genesco Sues Visa Over PCI Noncompliance Fines
3 Ways Automation Tools Use Big Data To Drive Business Growth
The Dirty (Not so Secret) Secret of IT Budgets

Q:  What is two-factor authentication?
A:  Two-factor authentication goes beyond using a user name and password.  It puts a new piece of technology in the mix for better security.

Q: How does two-factor authentication work differently than logging in with a normal user name and password?
A:  Here is an example of how two-factor authentication works.  You have a user requesting access to a system. That user is going to authenticate through a firewall.  It’s going to hit a domain controller to make sure that’s a valid user. Then, it is going to send it to a cell phone and on that cell phone it is going to say approve or deny access.

Once that cell phone sends it to the firewall permission is granted and the person has VPN access. If they don’t have a valid user name, password, or the cell phone setup correctly; they will not get access to the system.

This puts a high level of security into an environment.  So, in this example the cell phone becomes the second factor of authentication and the user name and password being the primary.

Q: Who Should be Using Two-Factor Authentication?
A:  Two-factor authentication is a requirement for PCI compliance. The PCI requirement 8.3 states:

Incorporate two-factor authentication for remote access (network-level access originating from outside the network) to the network by employees, administrators, and third parties. (For example, remote authentication and dial-in service (RADIUS) with tokens; or other technologies that facilitate two-factor authentication).

Anyone with PCI needs to have two-factor authentication.  It would be great idea for businesses that have medical records or social security numbers.  Anyone with sensitive data should be using two-factor authentication in their VPN.

TAGGED:
Share This Article

Follow us on Facebook

Latest News

Hidden AI, a risk?
Hidden AI, Real Risk: A Governance Roadmap For Mid-Market Organizations
Artificial Intelligence Exclusive Infographic
unusual trading activity
Signal Or Noise? A Decision Tree For Evaluating Unusual Trading Activity
Analytics Exclusive Infographic
Ai agents
AI Agent Trends Shaping Data-Driven Businesses
Artificial Intelligence Exclusive Infographic
Why Businesses Are Using Data to Rethink Office Operations
Why Businesses Are Using Data to Rethink Office Operations
Big Data Exclusive

Stay Connected

You Might also Like