Every Solution You Can Imagine – and More
What cybersecurity solution do you need? From Zero Trust to ADR, IAM, risk/privacy, data protection, AppSec and threat, securing digital transformation, to resiliency and remediation, we can build the right program to help solve your challenges.
A Single Partner for Everything You Need
Optiv works with more than 450 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv
Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner.
However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
Adopt and Adapt: How to Get Authentication Right
April 8, 2021
Enter NIST. The National Institute of Standards and Technology sets security compliance standards for US government agencies, organizations that handle government data and companies who supply the federal government with products and services. Even if you don’t need to comply with NIST, its publications offer best-practice policy guidance that helps your business get security right.
When it comes to authentication, NIST recommends that companies analyze their risk profile. Consider the harm that could arise if an attacker gains access to your system. If there’s a high risk of financial or reputational damage, compromised personal safety, release of sensitive information, harm to public interests or civil or criminal violations, you need to implement multi-factor authentication (MFA) – and the factors you choose must verify with strong assurance that only the right people can access the right resources.
Not all authentication factors are created equal, however. Each offers a different degree of usability and confidence in validating a user’s identity. We’ll lay out the most common factors and highlight the ones to implement for maximum security and NIST compliance.
While low assurance authentication factors are easy to deploy and use, they offer weak resistance to account takeover. They might be suitable to use in low-risk situations – like when using an app that doesn’t hold sensitive information – but we recommend prioritizing other authentication methods over these.
These factors provide a balance of usability and security, with some drawbacks to keep in mind. Consider implementing them along with factors that offer even stronger assurance.
These factors offer the strongest assurance that only authorized users can access your system.
No method of authentication is a silver bullet against all threats, but by combining several high assurance factors, you stand the best chance of mitigating risks and keeping your organization safe. A mix of biometrics, WebAuthn, push mode authentication and various OTP methods will bring your business in line with NIST standards, with even more possibilities on the horizon.
You can experiment with these factors to eliminate passwords altogether, and as open standards develop, continuous authentication may soon be your next best option. As the security landscape continues to evolve, get ready to authenticate with ease.
September 12, 2021
Hackers are clever and are always innovating new ways to breach cybersecurity defenses, so no single tactic is likely to afford 100% protection. But....
May 29, 2019
The use of stolen credentials ranks as one of the most commonly seen aspects of cybersecurity incidents, and loss of unencrypted data is one of the....
April 23, 2020
These five steps can reduce remote-work disruptions for your organization.
Let us know what you need, and we will have an Optiv professional contact you shortly.