A security measure that requires multiple forms of verification to grant access to a system or resource.
Description
Multi-factor authentication (MFA) is a security protocol that enhances the protection of non-human identities (NHIs), such as service accounts, APIs, and IoT devices, by requiring two or more verification methods to access sensitive information or systems. NHIs often operate autonomously and can have significant access permissions, making them appealing targets for cyberattacks. MFA mitigates the risk of unauthorized access by combining different authentication factors, such as something the NHI knows (like a password), something it has (such as a security token or a cryptographic key), or something it is (like biometric data). By implementing MFA for NHIs, organizations can ensure that even if one credential is compromised, the additional verification steps provide an extra layer of security, effectively safeguarding critical infrastructure and data against potential breaches. This approach is essential in today’s cybersecurity landscape, where attacks on NHIs are increasingly common.
Examples
- Using a password and a security token for API access.
- Requiring biometric authentication and a digital certificate for IoT device management.
Additional Information
- MFA can reduce the risk of credential theft and unauthorized access significantly.
- Implementing MFA may increase operational complexity but greatly enhances security.
References
- What are Non-Human Identities? - OASIS Security
- NHI Characteristics. Non-Human Identities (NHIs)… | Sep, 2024
- What are non-human identities - Astrix Security
- What is a Non-Human Identity? | Silverfort Glossary
- Non-Human Identity Management: Addressing the Gaping Hole in ...
- A Human's Guide to Non-Human Identities (NHIs) - Aembit
- The Complete Guide to the Growing Impact of Non-Human Identities ...
- What Are Non-Human Identities? - ConductorOne