Blog

Maintaining the user’s permissions and two-factor authentication is crucial to guard from new cyber threats. The digital landscape is always changing and cybercriminals always one step ahead. To increase security, companies should implement centralized solutions for user identity and access (IAM). These can be paired with enhanced education for users.

Commonly, 2FA is implemented by requiring users to use an authenticator software on their own devices. This ensures that only the device of the user is used to log in to HubSpot and reduces the chance of theft or lost credentials.

For instance, Duo Security, a 2FA solution that was acquired by Cisco in 2018, provides mobile device support for its customers. The platform of the company uses FIDO and Web Authentication API (WebAuthn) standards to allow mobile device authentication by tapping into built-in capabilities in iOS, Android and Windows phones. This provides a simple way for users to verify their identities without the need of an IT professional to update apps or change settings. It can also prevent them from accidentally bypassing security controls.

Other methods to implement 2FA are to ensure that it be enabled in certain geographic areas and then use the network’s information to verify the user’s location and block authentication attempts from a variety of suspicious networks such as Tor, VPNs, and proxy servers. These conditional policies can also be crafted and enforced via the IAM solution’s administrator dashboard.

In addition it is crucial to understand that the logistics of implementing and deploying 2FA will take time. It is a good idea, to speed up the process by go to my blog using an IAM solution that lets users disable 2FA if they are no anymore able to access their authenticator application.