Capabilities necessary in the remote world
As the world continues to shift from an environment where people accessed systems locally in an office or a data center to a world where people primarily access systems and resources from remote locations such as their home office or a coffee shop, it is becoming increasingly apparent that information security systems must evolve. While many of the best practices we have discussed previously are relevant in all configurations, a number of additional best practices should be implemented to secure remote systems and remote users. The first best practice deals with how users are authenticated.
Factors of authentication
In Chapter 3, Anatomy of an Attack, we highlighted several attack types that are made easier for attackers to execute by single-factor authentication systems. Multifactor authentication techniques are often an effective countermeasure, especially when part of the attack chain involves account compromise. Many organizations...
