MFA multi factor authentication eliminating passwords biometric authentication

5 Tips for Deploying MFA in Your Enterprise

We’ve been using usernames and passwords since the 70s, and two-factor authentication solutions for nearly a decade now. As more firms begin to embrace multi factor authentication (MFA), it can be a bit jarring for end users to migrate to a new way of logging into their business accounts and systems. If you’ve deployed one-time password-based 2FA already, it may not be a far cry to require biometric authentication on a smartphone. If you’re jumping straight from passwords to a biometric-enabled MFA strategy, you need to lay some groundwork in place first.

Here are our five key tips for deploying multi factor authentication, preparing your workforce for the change, and the best factors to include:

1.   Test Multi Factor Authentication with a Pilot Group

The best way to ensure a smooth rollout of MFA is to test it with a pilot group of random employee. By picking a handful of workers from various departments, making sure to include those with varying levels of security needs, you’ll optimize the solution for your average user while addressing the demands of those with access to more sensitive information, such as payroll.

2.   Make the Factors Flexible

One of the best ways to optimize MFA is to provide more than the required number of factors. Employees can then select the three or more that they are most comfortable with. We always advocate adopting biometrics for increased security, but some employees simply won’t want to use their fingerprint or face to log into corporate accounts. By offering a choice, you allow them to use ones they’re comfortable with while still improving security across the board. This also lets them use factors they’re familiar with, such as OTPs.

3.   Optimize Access With Mobile Devices

To successfully bake multiple authentication factors into a single solution, make it mobile. By requiring mobile devices to be part of your MFA strategy, you gain access to key information and can combine it with other factors to go beyond three or even four checks at once. For example, all phones carry a unique device identification (UDI) number, which can be accessed and tested against a previously enrolled UDI. Furthermore, most modern mobile devices are capable of capturing behavioral biometrics for passive authentication, which can be used as a tertiary authentication factor alongside stronger ones.

4.   Educate Employees on Why They Need MFA

Simply deploying a solution might not be enough to enforce its use. Often, employees will see MFA as a nuisance rather than a security benefit. By educating them on why MFA is superior to 2FA and passwords alone, you can avoid complaints and misuse of the system. This will result in smoother adoption across your workforce. Include data breach statistics, ask them how often they share passwords when they shouldn’t, and other questions that will help them realize how not using MFA is a security risk.

5.   Select Your Platform Carefully

The platform you use for MFA plays a critical role in success. It needs to support our five tips, as well as all your company’s use cases. At the same time, it should optimize security and provide a convenient user interface for managing access and analyzing related data. The platform should also be scalable and future-proof. This will open the door to compatible up-and-coming authentication strategies.

VeridiumID provides an identity and access management platform that meets all of these needs, enabling a flexible, secure and enterprise-ready authentication solution for businesses that is simple for end users at all technical skill levels.

Share This Post

Share on facebook
Share on linkedin
Share on twitter
Share on email

The Largest Internet Company in Mexico Taps Tec360 and Veridium for Trusted Phishing Resistant Passwordless Authentication and to secure Okta SSO A top provider of


Veridium The True Passwordless Enterprise

Veridium The True Password-less Enterprise In February 2017 when I joined Veridium as CPO, I recognised and appreciated one of the biggest challenges for Enterprise