contextual access and multi factor authentication
play

Contextual Access and Multi-Factor Authentication Lessons learned on - PowerPoint PPT Presentation

Nov 12, 2023 •176 likes •519 views

Conference 2018 Contextual Access and Multi-Factor Authentication Lessons learned on getting past single-factor authentication! Panelists Corey Scholefield - Team Lead, Identity Services Wendy Blake Director, Network and Technical Services

  1. Conference 2018 Contextual Access and Multi-Factor Authentication Lessons learned on getting past single-factor authentication!

  2. Panelists Corey Scholefield - Team Lead, Identity Services Wendy Blake – Director, Network and Technical Services Sean Feil – Specialist, Identity, Information Technologies Sebastian Gonzales, Sr. Mgr – Identity & Access Mgmt. 2 Conference 2018

  3. What are we talking about? Contextual Access Control Multi-factor Authentication ¡ ¡ 3 Conference 2018

  4. Meet your neighbour! Meet your neighbour and discuss multi- ¡ factor authentication capability at your organization…! Deployed or not ? ¡ Support for or not ? ¡ 4 Conference 2018

  5. Use Case - TRU Business Drivers ¡ Restricting privileged access ¡ Reduce risk of ransomware/phishing ¡ PCI Compliance ¡ 5 Conference 2018

  6. Use Case - TRU ¡ Systems in scope for deployment Primary ¡ Password vault (thycotic) ¡ Firewall UI (Panorama) ¡ RDP to desktops (users who use VPN to access network) ¡ Secondary ¡ VPN ¡ Servers (Linux and Windows) ¡ Banner privileged accounts ¡ Root/administrator accounts ¡ BANSECURE named accounts ¡ INB accounts ¡ 6 Conference 2018

  7. Use Case - TRU Lessons Learned ¡ Have a well defined plan ¡ If we knew now…..? ¡ Overall we have had a good experience ¡ 7 Conference 2018

  8. Use Case - UCalgary 8 Conference 2018

  9. UCalgary – Business Drivers Prevent account compromise Audit requirements Reduce Reduce costs Reduce lost support associated productivity burden with risk 9 Conference 2018

  10. UCalgary – Deployment Deployed Testing Pilot Technical Pilot Business Pilot All Staff All Students 10 Conference 2018

  11. UCalgary – Deployment LDAP SecurID native Legacy Interfaces (technical) RADIUS CAS (custom) SAML 2 WS-FED New Interfaces (technical) OpenID Connect OAuth RADIUS 11 Conference 2018

  12. UCalgary – Deployment 12 Conference 2018

  13. UCalgary – Lessons Learned 13 Conference 2018

  14. UCalgary – Lessons Learned 14 Conference 2018

  15. UCalgary – Lessons Learned 15 Conference 2018

  16. UCalgary – Lessons Learned 16 Conference 2018

  17. UCalgary – Lessons Learned 17 Conference 2018

  18. UCalgary – Next Steps • Hardware token support and deployment strategy • Deploy to remaining staff and students • Expand systems protected by MFA • Strengthen contextual access to reduce need for token authentication 18 Conference 2018

  19. UVic – Business Drivers Compromised Accounts Manage Risk AUDIT + PCI 19 Conference 2018

  20. UVic – YubiKey MFA applications 2012 • Cisco VPN – for NETS Staff 2014 • Unix Shell - for Privileged Admins • Banner 8 Forms – Finance • On-premise Yubikey OTP Server + Key Management in IdentityIQ 2017 • VPN MFA access expanded to IT staff • CAS 5.2 SSO + Banner 9 / AppNavigator 2018 20 Conference 2018

  21. UVic – Lessons Learned • Leadership • People • IT • Process • Clients • Technology Business Buy-in Process Driving Best- Forces practices • Audit • Gartner research • Info Sec • Unicon • Reputational support risk 21 Conference 2018

  23. UVic – Next Steps Staff More Web apps desktops factors 23 Conference 2018

  24. Use Case Business Drivers ¡ Deployment ¡ Lessons Learned ¡ If we knew now….. ¡ Next Steps ¡ 24 Conference 2018

  25. 25 Conference 2018

  26. 26 Conference 2018

  27. 27 Conference 2018

  28. 28 Conference 2018

  29. 29 Conference 2018

  30. 30 Conference 2018

  31. 31 Conference 2018

  32. Use Case Lessons Learned. ¡ Don’t be afraid to ask for …. ¡ Some of the best support is in the communities… ¡ Set a 25 min floor to present… ¡ Test your communications not just your tech… ¡ If we knew now….. ¡ Portion Control…. ¡ 32 Conference 2018

Recommend

Multi-factor Authentication Coming to a NERSC near you You Have Probably Heard of MFA

Multi-factor Authentication Coming to a NERSC near you You Have Probably Heard of MFA

Multi-factor Authentication Coming to a NERSC near you You Have Probably Heard of MFA Password One-time Password (OTP) Factor == Authentication Method Certificate Hardware Token Biometric password + OTP token + PIN Multi-factor ::= 2+

90 views • 7 slides
Multi-Factor Authentication: Security or Snake Oil? Steven Myers Rachna Dhamija Jeffrey

Multi-Factor Authentication: Security or Snake Oil? Steven Myers Rachna Dhamija Jeffrey

Multi-Factor Authentication: Security or Snake Oil? Steven Myers Rachna Dhamija Jeffrey Friedberg Phishing & Identity Theft Historically most online banking done with passwords (single-factor authentication) Password communicated

449 views • 42 slides
Two factor authentication Open, trustworthy and enterprise ready Two factor authentication

Two factor authentication Open, trustworthy and enterprise ready Two factor authentication

Version 1.0 Cornelius Klbel (corny@cornelinux.de) May 2014 (CC BY-NC-SA 4.0) Everybody knows that a password - be it simple or even complex - is a potential vulnerability. Two factor authentication is the way to authenticate a user not only

400 views • 5 slides
DUO 2-Factor Authentication at UNC Charlotte WHATS DUO? Two-Factor Authentication

DUO 2-Factor Authentication at UNC Charlotte WHATS DUO? Two-Factor Authentication

DUO 2-Factor Authentication at UNC Charlotte WHATS DUO? Two-Factor Authentication Using two devices to prove youre you! Why? Breaches! UNC Charlotte has been the victim of more than one data breach, and ITS is attempting to

623 views • 6 slides
Multi-Factor Authentication (MFA) What is it? Why should I use it? CYBERSECURITY Tech Fair 2018

Multi-Factor Authentication (MFA) What is it? Why should I use it? CYBERSECURITY Tech Fair 2018

10.10.18 1 Multi-Factor Authentication (MFA) What is it? Why should I use it? CYBERSECURITY Tech Fair 2018 Boston University Information Services & Technology 10.10.18 2 Recent Password Hacks PlayStation Network (2011) 77 Million

157 views • 13 slides
NERSC Multi-Factor Authentication It's easy! Abe Singer 2018-11-01 MFA in Brief MFA will

NERSC Multi-Factor Authentication It's easy! Abe Singer 2018-11-01 MFA in Brief MFA will

NERSC Multi-Factor Authentication It's easy! Abe Singer 2018-11-01 MFA in Brief MFA will be required starting with new allocation year MFA == Password + One Time Password (OTP) Protects your account against password

1.07k views • 22 slides
Multi-Factor Authentication (MFA) for the NCEdCloud IAM Service - Part 2 - (MFA for additional

Multi-Factor Authentication (MFA) for the NCEdCloud IAM Service - Part 2 - (MFA for additional

Multi-Factor Authentication (MFA) for the NCEdCloud IAM Service - Part 2 - (MFA for additional NCEdCloud Privileged Accounts) - Mark Scheible, MCNC MFA for All NCEdCloud Privileged Users As a part of continuing efforts to enhance the security

479 views • 14 slides
Multi-Factor Authentication (MFA) for the NCEdCloud IAM Service - Part 2 - (MFA for additional

Multi-Factor Authentication (MFA) for the NCEdCloud IAM Service - Part 2 - (MFA for additional

Multi-Factor Authentication (MFA) for the NCEdCloud IAM Service - Part 2 - (MFA for additional NCEdCloud Privileged Accounts) - Mark Scheible, MCNC MFA for All NCEdCloud Privileged Users - 1 As a part of continuing efforts to enhance the

319 views • 15 slides
T/Key: Second-Factor Authentication Without Server Secrets Dima Kogan 1 , Nathan Manohar 2 , Dan

T/Key: Second-Factor Authentication Without Server Secrets Dima Kogan 1 , Nathan Manohar 2 , Dan

T/Key: Second-Factor Authentication Without Server Secrets Dima Kogan 1 , Nathan Manohar 2 , Dan Boneh 1 1 Stanford, 2 UCLA Passwords have multiple security issues eavesdropping/key logging phishing password reuse Two-factor authentication

779 views • 31 slides
What does MFA mean? Jeffrey Goldberg jeff@1Password.com What does MFA mean? It

What does MFA mean? Jeffrey Goldberg jeff@1Password.com What does MFA mean? It

What does MFA mean? Jeffrey Goldberg jeff@1Password.com What does MFA mean? It means multi-factor authentication. In certain cases it is called 2FA for two-factor authentication. Jeffrey Goldberg What does MFA mean?

471 views • 44 slides
View The Email to Get Hacked: Attacking SMS-based Two-Factor Authentication Philipp Markert,

View The Email to Get Hacked: Attacking SMS-based Two-Factor Authentication Philipp Markert,

View The Email to Get Hacked: Attacking SMS-based Two-Factor Authentication Philipp Markert, Florian Farke, and Markus Drmuth Santa Clara, California, USA | WAY 2019 | August 11, 2019 Two-Factor Authentication 1 1 2 1 Gmail 2FA

415 views • 28 slides
Django User Authentication OVERVIEW OF USER AUTHENTICATION Anthony Alampi OWNER, X FACTOR

Django User Authentication OVERVIEW OF USER AUTHENTICATION Anthony Alampi OWNER, X FACTOR

Django User Authentication OVERVIEW OF USER AUTHENTICATION Anthony Alampi OWNER, X FACTOR CONSULTANTS www.XFactorConsultants.com User Authentication (Auth) The methods by which a web app verifies the identity of a user and limits their

334 views • 8 slides
AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is

AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is

SECURITY TOPICS PART 2 AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is who they say they are and therefore permitted to access the requested resources: getting entrance to a computer lab

833 views • 44 slides
Levenberg-Marquardt Computation of the Block Factor Model for Blind Multi-User Access in Wireless

Levenberg-Marquardt Computation of the Block Factor Model for Blind Multi-User Access in Wireless

Levenberg-Marquardt Computation of the Block Factor Model for Blind Multi-User Access in Wireless Communications by Dimitri NION and Lieven DE LATHAUWER Laboratoire ETIS, CNRS UMR 8051 6 avenue du Ponceau, 95014 CERGY FRANCE 14 th European

719 views • 23 slides
Using Trusted Execution Environments in Two-Factor Authentication Roland van Rijswijk-Deij M.Sc.

Using Trusted Execution Environments in Two-Factor Authentication Roland van Rijswijk-Deij M.Sc.

Introduction Trusted Execution and Two-Factor Authentication User Interaction Discussion Conclusions and Future Work Using Trusted Execution Environments in Two-Factor Authentication Roland van Rijswijk-Deij M.Sc. rijswijk@cs.ru.nl

299 views • 14 slides
Sponsors.. A well-defined security plan? A document with Security Plan on the top of it

Sponsors.. A well-defined security plan? A document with Security Plan on the top of it

Sponsors.. A well-defined security plan? A document with Security Plan on the top of it SURVEY SAYS Identity & Access Management Multi-Factor Authentication Life Cycle Management Network Access Control

382 views • 24 slides
Contextual Multi-armed Bandit Algorithm for Semiparametric Reward Model Gi-Soo Kim, Myunghee Cho

Contextual Multi-armed Bandit Algorithm for Semiparametric Reward Model Gi-Soo Kim, Myunghee Cho

Contextual Multi-armed Bandit Algorithm for Semiparametric Reward Model Gi-Soo Kim, Myunghee Cho Paik Seoul National University June 13, 2019 Introduction We propose a new contextual multi-armed bandit (MAB) algorithm for the nonstationary

209 views • 20 slides
Contextual Inquiry Take Aways Overview of Contextual Design Contextual inquiry

Contextual Inquiry Take Aways Overview of Contextual Design Contextual inquiry

Contextual Inquiry Take Aways Overview of Contextual Design Contextual inquiry Interviewing techniques Contextual Design Contextual design is: An established process for analyzing tasks people do and designing technology to

456 views • 43 slides
smartmail & smartportal: Introducing Two- Factor Authentication Presented By: Business

smartmail & smartportal: Introducing Two- Factor Authentication Presented By: Business

smartmail & smartportal: Introducing Two- Factor Authentication Presented By: Business Process Team DL-BusinessProcessandAutomation@fnf.com Decision of the Organization to protect our clients and customers further by adding another

202 views • 16 slides
A Comparative Usability Study of Two-Factor Authentication Emiliano de Cristofaro 1 , Honglu Du 2

A Comparative Usability Study of Two-Factor Authentication Emiliano de Cristofaro 1 , Honglu Du 2

A Comparative Usability Study of Two-Factor Authentication Emiliano de Cristofaro 1 , Honglu Du 2 , Julien Freudiger 2 , Gregory Norcie 3 UCL 1 , PARC 2 , Indiana University 3 Website/Service Token password Fingerprint Phone PIN Retina

367 views • 20 slides
Multifactor Authentication based on User Contextual Data and the Mobile Web September 11, 2014

Multifactor Authentication based on User Contextual Data and the Mobile Web September 11, 2014

Open Source Open Possibilities Multifactor Authentication based on User Contextual Data and the Mobile Web September 11, 2014 W3C Web Crypto Workshop Open Source Open Possibilities PAGE 1 Introduction The web ecosystem is trying to move

657 views • 11 slides
Secure SDN Authentication & Authorization for Multi-tenancy (DNS based PKI model) Author:

Secure SDN Authentication & Authorization for Multi-tenancy (DNS based PKI model) Author:

IETF94 2 Nov. 2015 Yokohama SDNRG WG Secure SDN Authentication & Authorization for Multi-tenancy (DNS based PKI model) Author: www.huawei.com Hosnieh Rafiee Ietf{at}rozanak.com Motivation Problem: secure SDN authentication,

546 views • 10 slides
c b roland.vanrijswijk@surfnet.nl Overview - Introduction - The 2-factor landscape - Something

c b roland.vanrijswijk@surfnet.nl Overview - Introduction - The 2-factor landscape - Something

tiqr: a novel take on two-factor authentication LISA 2011, Boston, MA Roland van Rijswijk c b roland.vanrijswijk@surfnet.nl Overview - Introduction - The 2-factor landscape - Something we all have - - Comparison of 2-factor AuthN

546 views • 19 slides
Contextual Analysis SWEN-444 Contextual analysis Systematic analysis of contextual user work

Contextual Analysis SWEN-444 Contextual analysis Systematic analysis of contextual user work

Contextual Analysis SWEN-444 Contextual analysis Systematic analysis of contextual user work activity data Identification, sorting, organization, interpretation, consolidation, and communication For purpose of understanding work context for

449 views • 26 slides

More recommend