OneLogin Introduces Adaptive Authentications Capabilities
By now, we should all be aware that passwords are generally insufficient to secure anything worth securing. Enterprise security teams have known for years, and the generally accepted best practice has been to implement Multi-Factor Authentication (MFA) solutions.
MFA solutions take traditional, knowledge-based Auth factors, such as passwords and up the security by adding additional factors such as possession factors (something you have) and inherence factors (something you are) to the authentication process. This could mean a hard token, or a biometric, such as a fingerprint.
But as any InfoSec pro knows, securing corporate environments is a careful balancing act between security and user convenience. Now, OneLogin is looking to make finding that balance a little easier with its newest updated, adaptive multi-factor authentication.
OneLogin’s adaptive authentication tracks a user’s movement across networks, devices, browsers, and geographies over time, and uses machine learning to build a user profile against which new login attempts and password resets can be scored by risk. Some of the factors included in the scoring are IP reputation, device fingerprinting and geographic location. At the time of authentication these factors are scored against the user’s profile and the number of required authentication factors are adjusted accordingly.
The number of authentication factors required by a user in a given situation is based on risk. When risk is high, OneLogin prompts the user to authenticate with multiple factors, which risk is low, it doesn’t. For example, if a user who commonly logs into work in Boston logs into the network from a device in Russia, multiple auth factors would be required.
Adaptive authentication is available today at $3 per user per month and works with both OneLogin and other third-party authentication vendors integrated with OneLogin, you can read more about adaptive authentication here.