Every Solution You Can Imagine – and More
What cybersecurity solution do you need? From Zero Trust to ADR, IAM, risk/privacy, data protection, AppSec and threat, securing digital transformation, to resiliency and remediation, we can build the right program to help solve your challenges.
A Single Partner for Everything You Need
Optiv works with more than 450 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv
Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner.
However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
Optiv Cybersecurity Dictionary
2-factor authentication (2FA) requires both knowledge (like a password) and something tangible (such as a hardware or software authentication system) to gain access to a protected computer system.
By some definitions, multi-factor authentication (MFA) takes that one step further by also requiring something that is unique to your physical being (like a fingerprint or retina or behavior) in order to authenticate an identity. However, the term MFA is often used when there are only two factors. In traditional 2FA, the authentication device can be either hardware based (such as a token) or software based (such as a mobile app).
The role of the authentication device is to generate a unique and temporary cryptographic code that must be input, in addition to a password, to gain access to a computer resource. Without this code, an attacker who has compromised a user's password cannot gain access to the protected resource – making 2FA a minimum-security best practice.
Your data’s no longer safe if it’s protected by a password alone. Even long and secure passwords can be recovered in a matter of minutes with the right software. Hackers these days, amirite?! While strong passwords still play an important role in securing access, they’re now sharing the stage with other identity-authenticating requirements. Enter MFA, which calls for users to present two or more factors to prove their identity.
Unless all required factors align, it’s access denied, and that’s great news for you if someone got ahold of your password. MFA is not a simple suggestion anymore; it’s an absolute must for any SaaS app, website or SSO portal. As mentioned in the White House EO, fundamental security practices across the nation must implement MFA to ensure an additional layer of protection against unauthorized entries.
Given the volatile state of cyberspace, we’d recommend implementing MFA as soon as possible. (Like, yesterday.) Let our Identity team help your organization carry out a stronger authentication strategy, all while reducing user friction.
How to Implement MFA
Hardware authentication is an approach to user authentication that relies on a dedicated physical device (such as a token) held by an authorized user, in addition to a basic password, to grant access to computer resources.
See Full Definition
Identity Access Management (IAM) represents the processes, technology and people used to create, manage, authenticate, control and remove user (internal, external or customer) permission to corporate technology resources.
Adaptive authentication is a method for selecting the right authentication factors depending on a user's risk profile and tendencies, adapting the authentication type to each situation.
October 30, 2020
By layering MFA with contextual risk-checks, organizations can mitigate IAM threats and better focus on digital initiatives and business outcomes.
April 08, 2021
Authentication factors like biometrics, WebAuthn/FIDO2.0 and mobile apps with push notifications provide the best security defense.
March 22, 2021
MobileIron MDM exposes account enumeration and SFA to unauthenticated attacks. This analysis details how to mitigate this vulnerability.