User authentication to protect sensitive data

Contents

To be able to effectively control the access of both third parties and company personnel, internal staff to the different applications, it is necessary to have some kind of role, understood as a kind of personal privilege, that can be attributed to a certain individual and that corresponds to a certain field.

authentication20of20users-9489207

This way of managing access will allow each person to see different information, but only the one you need, while the company can control all accesses based on the level of visibility attributed to each type of function the profile.

How to put this policy into practice

Put this into practice Policy of data security would mean:

  • Select the access ranges depending on each profile.
  • Put into practice the response that controls the access between business applications and confidential data. By choosing the software You have to pay attention that, whatever the choice, must be able to apply the same information control system that has been established. This control should act as an intermediary between the business application and the databases where the data is stored. sensitive information.
  • Show information based on roles and profiles, which in turn will depend on the functions assigned to each one. Thus, each of the roles or profiles will be linked to the definition of the characteristics of that type of user, which are the ones that give the key to achieving a certain level of access or another.

The application of this security policy enables the company to control and manage access of applications which gives it greater security and greater reliability, having the certainty that the data with which your workers are working will not be filtered. To achieve an optimal result It will be necessary to use associated technology that, although it involves a cost, will pay off in customer satisfaction, an image that is projected to the exterior and interior and economic benefits. that all this will bring you.

Authentication factors

A Authentication factor is a category of credentials used for identity verification.. The three most common categories are described as something you know (the knowledge factor), something you have (the possession factor) and something that you are (the inherence factor).

  • Knowledge factors– A category of authentication credentials consisting of information owned by the user, as a personal identification number (PIN), Username, password or the solution to a secret question.
  • Possession factors– A category of credentials based on the items the user has with him, generally a hardware device such as a security token or mobile phone that is used in conjunction with a software token.
  • Heredity factors– A category of user authentication credentials consisting of items that are an integral part of the person in question, in the form of biometric data.

User location and time are sometimes considered the fourth factor and the fifth factor for authentication.. The ubiquity of smartphones can help ease the burden of multi-factor authentication For the users. Most smartphones are equipped with GPS, allowing reasonable security confirmation of the login location. Lower security measures include the MAC address of the login point or physical presence checks via cards. and other items of the possession factors.

(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s); js.id = id;
js.src = “//connect.facebook.net/es_ES/all.js#xfbml=1&status=0”;
fjs.parentNode.insertBefore(js, fjs);
}(document, ‘script’, 'facebook-jssdk'));

Subscribe to our Newsletter

We will not send you SPAM mail. We hate it as much as you.