Our day to day is characterized by various occasions in which we must authenticate our accesses. Either to access our job or review our bank statements, to give examples. In today’s world, there is no authentication method that fits all needs. Without realizing it, we authenticate in various ways every day. The way we work and perform our activities in general becomes increasingly diverse and dynamic every day. This means that new technologies must adapt to this by proposing solutions according to each authentication need.
From the point of view that you, a person who works in information security, it is crucial to be able to implement better ways to authenticate. All of them must guarantee access to resources to those who really need it.
Are these really those who need access to certain types of information? You can implement a solution that allows a person to authenticate with a 4 or 6 digit PIN, followed by a token that will identify the hardware from which the person is connecting. This can be applied if a person, from his mobile, has to have access to the consultation and maintenance of the items in stock of the company for which he works. Going to the plane of us as normal users , we get used to having solutions like these when we want to visualize our bank account and perform operations from its platform.
We must also analyze the complexity of each of these methods and the context in which users are going to authenticate. That context has to do with the environment in which the person develops, their roles and responsibilities. You would not apply the use of a biometric watch in places where there are people with clothing that prevents its correct use, such as protective gloves. We do not have to forget that the user experience has to be good and should not hinder your daily activities. Note the importance of our decision-making capacity when implementing a technological solution in favor of the security of information and people.
The last, but not least, is the cost of the methods we have chosen. However, we are not only referring to the cost of this, but what it implies after implementing it, that is, technical support . Keep in mind that the mere fact that we forget our passwords or our usernames will influence the final cost of the solution. On the other hand, the equipment that we will use, which in many cases its cost of after-sales support is much lower because they do not require a very strict maintenance regime. Of course, the larger the organization, the greater the cost of equipment if it had more than one price.
We emphasize that our day to day is less and less static . Access to our applications, devices and / or workplaces must be agile. We cannot waste too much time, since there are cases in which lost time may also involve lost money.