Multi-factor authentication is when an online or in-person system uses multiple different proof points to ensure that the person trying to gain access is the actual person authorized to do so. When you enter a user ID to log in to email, for example, and the system asks for your password, that’s a single factor. When it then asks for additional evidence, such as a code it sent to your cell phone, that’s a second factor — true multi-factor authentication (MFA).
Factors Are Something You Know, Have, or Are
When you’re asked to give a password, that’s “something you know.” If you’re also asked a security question, that’s really the same thing… another something you know.
A true second factor would be something else, such as “something you have” — like a confirmation code the system sends to your cell phone. Only someone who’s got that phone can receive that second factor.
These two types of factors are the most common. “Something you are,” e.g., a fingerprint or retinal scan, is also regularly used, but potentially more problematic from a privacy standpoint.
StreamSets Use of MFA
StreamSets makes use of MFA for its corporate systems, along with Okta for single sign-on (SSO). When a StreamSets engineer needs to upload code to GitHub, or log in to Jira to handle an escalation ticket, she will need to log in to Okta; Okta will in turn require multiple authentication factors.
StreamSets considers the systems that the engineers use to develop our code to be in need of strong security. (Though, as a security professional, I recommend MFA for any authentication where there’s a non-negligible risk of loss, e.g., for your banking or PayPal accounts.)
StreamSets also makes use of password managers, so that users can select complex passwords, but not have to memorize or write them down. Once authenticated to the password manager, the user can fetch passwords as needed for systems that aren’t managed by the company’s Okta.
Your Use of MFA with StreamSets Services
If you use StreamSets’ services, you’ll be authenticated by whatever means your company uses. StreamSets SaaS services can be integrated with a customer’s own identity management services, and the customer’s security and compliance teams can then determine how rigorous the authentication process ought to be. This may well vary across StreamSets’ customers, which range from financial and healthcare companies to industrial infrastructure companies, and include both online and brick-and-mortar retail companies.
The post Multi-Factor Authentication for StreamSets and Our Customers appeared first on StreamSets.