KommITS' Technology Days
On 18–19 September, SecMaker participated in KommITS' Technology D...
Two-factor authentication and identity management is fundamental for making the IT solutions of the future secure.
People depend on their digital identity to be able to carry out their work, use IT and live a connected life, but many people are concerned about the fact that data and information can fall into the wrong hands.
Technology that is able to secure IT systems and meet users' requirements for simplicity exists, but it must be implemented in the right way. We consider that the following four components are the most important for success.
Users have different needs
Do you want to log in using your mobile, a USB stick such as YubiKey or a smart card? Are you in the office or do you work from home? Do you share a workspace or do you have your own? Consultant or employee? All organisations and their users have different needs for authentication and gaining secure access to data and at the same time ensuring that business critical information will not fall into the wrong hands. Adapt the solutions according to the user's needs and get a satisfied, productive workforce.
Learn from others
You don't need to reinvent the wheel to create a secure IT workplace. Accept help from industry colleagues who have been on the same journey and you will avoid unnecessarily complicated processes, mistakes and doubts concerning user-friendliness.
Appoint an organisation and assign responsibility
Appoint employees who have the time to carry out and support the change. It will cost you at the beginning, but will quickly pay off in the form of simpler administration and reduced risk when the project has been implemented. The issuing process, management of reserve cards, mobile certificates and blocking of cards/certificates are important issues for the reliability and success of the solution. These questions are crucial to the result, particularly in decentralised organisations with workplaces in several different locations.
It is useful to base your work on an information security policy
We think it is useful for organisations to design, introduce, oversee, inspect and regularly revise their prioritised actions to ensure IT security. But keep it simple. Prioritise the most important first and stick to your guns. Don't give in to objections. Apply your own policy and get to the bottom of any objections to the solutions. You must dare to raise your voice when users want to relax aspects of IT security and deviate from established policy.
Are you waiting for the starting gun for an authentication project?
Contact Patrik Larsson and we'll see how we can help you get started.
Share this article