Effectiveness of multi factor authentications to ensure information security on customer data study on the insurance industry in Sri Lanka

Abstract

Organizations face new challenges in securing their networks and systems due to the growing threat of cybersecurity attacks and the shift towards remote work due to the COVID-19 pandemic. Traditional username and password authentication methods are no longer sufficient to protect against increasingly sophisticated attacks. Multi-factor authentication (MFA) provides an added layer of security by combining two or more authentication factors to enforce access policies. MFA is a security feature that requires submitting two or more than two items of information to confirm that they are the actual user. This can include items such as passwords, One Time Password (OTP)s sent to their registered mobile phones or emails, or biometrics such as face recognition or fingerprint scan. These hardened methods are more difficult to interpret by attackers since the actual user biometrics are involved, therefore they do not have much support even if they steal an OTP or a password. For instance, a typical user might be required to enter their username and password, as well as a code sent to their phone. As a result, even if an attacker has the user's login and password, accessing their account will be far more challenging. MFA can employ a wide variety of various sorts of elements. The following are some examples of common factors: something you know, like a login and password; something you have, like a security token or a smartphone; and something you are, like a fingerprint or face recognition. There are many challenges and opportunities associated with implementing MFA in various contexts. Some of the challenges include cost, complexity, and user acceptance. However, there are also many opportunities associated with implementing MFA. Some of the opportunities include increased security, reduced risk, and improved compliance. Overall, MFA is a valuable tool that can help organizations to improve their security posture. With all above in hand, it is more important to consider the challenges over opportunities while implementing MFA solutions before finalizing the decision.