Keeping up with the latest user permissions and two-factor authentication is essential to protect against the latest cyber threats. Cybercriminals always stay ahead of the curve in a constantly changing digital landscape. To ensure security, companies require centralized user identity and access management (IAM) solutions that can be combined with better user education to enhance overall security.
A common way of applying 2FA is to require users to use an authenticator app on their personal devices. This ensures that only the device of the user is used to sign in to HubSpot which reduces the risk of having stolen or lost credentials.
For instance, Duo Security, a 2FA solution that was acquired by Cisco in the year 2018, provides mobile device support to its customers. The platform of the company makes use of FIDO and Web Authentication API standards (WebAuthn) to enable mobile device authentication by tapping into built in capabilities on iOS, Android and Windows smartphones. This is a convenient method for users to verify their identities without the need of an IT professional to update their apps or change settings, and it can also help prevent them from accidentally bypassing security controls.
Other methods of implementing 2FA include requiring that it be enabled on specific geographical locations, using network information to verify users’ location and blocking authentication attempts from suspect networks such as Tor, proxies and VPNs. These types of conditional policies can be configured and enforced in different ways from the administrator’s dashboard of an IAM solution.
It is also essential to recognize that implementing and deploying 2FA will take time. It is a good idea to accelerate the process by using an IAM solution that allows users to turn off 2FA in the event that they are no anymore able to access their authenticator app.