It’s Time To Enforce Non-Phishable MFA With Passwordless Login
- Name of sponsoring organization
- ISACA
- Details of the activity (e.g., where, when)
- Online Webinar, November 29th
- What you learned
-
This webinar discussed the importance of implementing non-phishable multi-factor authentication (MFA) with passwordless login to improve security and prevent unauthorized access. The speaker highlighted that 61% of breaches involve compromised credentials and that MFA can provide an additional layer of security by requiring users to provide additional forms of identification. The speaker also discussed the different types of MFA attacks such as SIM swapping and prompt bombing, and the different types of MFA methods available, such as mobile push notifications, mobile time-based OTP, and grid cards. By 2025, more than 50% of the workforce will be using passwordless login, and organizations that embrace a CAT approach will reduce ATO and other identity risks by 30%. Finally, the presenter emphasized that it is important to enforce strict controls in strong authentication for servers, RDPs, and hidden shared folders in the windows environment.
-
- How the activity relates to coursework or your career goals
- This webinar heavily relates to my career goals because it touches on important concepts related to cybersecurity and information management. Throughout my time within this major, I have been learning about the importance of protecting sensitive information from unauthorized access, and this webinar provided valuable information on how to do so through the use of MFA and passwordless login. Learning about the different types of MFA attacks is essential for understanding the security measures that need to be implemented to protect systems and data. Also, understanding the different types of MFA methods and how they work relates to the importance of user experience which is something that I’m very interested in. The webinar also highlighted the need for strict controls in strong authentication for servers, RDPs, and hidden shared folders in the windows environment, which is an important aspect of maintaining a secure IT infrastructure.