Implementing multi-factor authentication (MFA), is a growing trend. The MFA industry is expected to grow to $13.59B by 2022.
When it comes to the retail industry, MFA has unique challenges—like meeting strict compliance requirements, managing multiple locations (locally or globally) and protecting employee and customer information. You also need to keep up with the speed of business and can’t be slowed down by time intensive steps. Because of these factors, it's important to think about how to effectively apply and manage MFA across multiple devices and locations, and determine which MFA types will work best for your needs.
Managing MFA
Technologies like Intel® Authenticate—available on devices with 8th Gen Intel® vPro™ Technology—simplify MFA scaling for flexibility to create and deploy custom MFA policies that enforce user identity protection. IT administrators can mix/match identification factors for different users and provide varying levels of access across the corporate domain, network, VPN and more. Intel Authenticate provides a simple self-service enrollment tool for end users to quickly get started, eliminating calls to IT.
Enabling True "Hardware" Authentication
Lenovo recommends MFA grounded in hardware which is harder for hackers and malicious code to snoop and capture password data because it's deep in the silicon, isolated from the OS/applications.
There are several ways to authenticate users and ensure credentials are stored at the hardware level. Intel Authenticate can set up different combinations of the following:
- Facial Recognition: Infrared (IR) cameras are more secure than regular cameras. ThinkPad Glance utilizes face/eye/gaze-tracking to automatically lock a device if user isn't present.
- Fingerprints: Lenovo Match on Chip Fingerprint Reader (MoC FPR) stores biometric credentials on a separate chip, making it almost impossible to hack.
- PIN: Short PIN codes can be used alongside other authentication factors as part of an MFA solution.
- Consider the following as supplementary MFA factors:
- Phone Proximity pairs smartphones with PCs via Bluetooth and securely uses phone proximity as authentication factor.
- Location-based services to determine if user is in an expected location.
To update your access management strategy, modern devices will support and scale hardware-based MFA with the convenience of solutions like Windows Hello.
