Multi-Factor Authentication
- Updated on 21 Mar 2025
WHAT IS MULTI-FACTOR AUTHENTICATION AND WHY IS IT IMPORTANT?
Multi-Factor Authentication (MFA) enhances the authentication process by requiring the use of multiple authentication factors to verify a user’s identity before granting access to a system. These authentication factors are typically categorized as follows:
- Something you know: Information known only to the user, such as a password, passphrase, or personal identification number (PIN).
- Something you have: A physical or digital possession, such as a security token, smart card, or a digital certificate linked to the user or their device.
- Something you are: An inherent characteristic unique to the user, typically biometric data (e.g., fingerprint or facial recognition).
By requiring more than one of these factors, MFA significantly strengthens the authentication process compared to reliance on a single factor, such as a password. This layered approach mitigates the risks associated with compromised credentials by ensuring that unauthorized access is not easily achieved.
CONTROLS THIS DASHBOARD REPORTS ON
This dashboard reports on your organization’s level of compliance with these controls:
- NIST CSF v2.0: Subcategory PR.AA-03: Users, services, and hardware are authenticated
- PCI-DSS v4.0.1: Requirements 8.4.2 MFA is implemented for all non-console access into the CDE, and 8.4.3 MFA is implemented for all remote access originating from outside the entity’s network that could access or impact the CDE.
- CIS CSC v8.1: Safeguards 6.3 Require MFA for Externally-Exposed Applications, 6.4 Require MFA for Remote Network Access, and 6.5 Require MFA for Administrative Access
PRIMARY KEY PERFORMANCE INDICATOR (KPI)
The dashboard reports on this Primary KPI:
Numerator: Count of successful sign-ins to applications using MFA
Denominator: Total sign-ins
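The KPI above, computed per application over records shaped like OCSF Authentication [3002] events, as an added example that is not the dashboard's own code. It assumes "Total sign-ins" means every Logon event regardless of outcome, that a missing `is_mfa` counts as no MFA, and that `is_admin` is a hypothetical column joined in from user inventory data; all sample records are constructed.

```python
from collections import defaultdict

LOGON, SUCCESS = 1, 1  # OCSF activity_id "Logon" and status_id "Success"

def ev(app, user, activity=1, status=1, admin=False, **extra):
    """Build one constructed record; is_mfa is passed only when the source set it."""
    return {"class_uid": 3002, "activity_id": activity, "status_id": status,
            "service": {"name": app}, "user": {"email_addr": user},
            "is_admin": admin, **extra}  # is_admin: hypothetical joined column

# Constructed sample data, not real sign-in logs.
EVENTS = [
    ev("vpn", "ana@example.com", is_mfa=True),
    ev("vpn", "raj@example.com", admin=True, is_mfa=False),  # admin without MFA
    ev("vpn", "ana@example.com", status=2, is_mfa=True),     # failed sign-in
    ev("crm", "li@example.com", is_mfa=True),
    ev("crm", "li@example.com", activity=2, is_mfa=False),   # logoff, not a sign-in
    ev("crm", "sam@example.com"),                            # is_mfa absent
]

def mfa_kpi(events):
    """Return ({app: [mfa_successes, total_sign_ins]}, successful sign-ins lacking MFA)."""
    counts = defaultdict(lambda: [0, 0])
    gaps = []
    for e in events:
        if e.get("class_uid") != 3002 or e.get("activity_id") != LOGON:
            continue  # only Authentication Logon events count as sign-ins
        app = e.get("service", {}).get("name", "unknown")
        counts[app][1] += 1  # denominator: every sign-in attempt (assumption)
        if e.get("status_id") != SUCCESS:
            continue
        if e.get("is_mfa") is True:
            counts[app][0] += 1  # numerator: successful sign-in using MFA
        else:
            gaps.append((app, e["user"]["email_addr"], e.get("is_admin", False)))
    return dict(counts), gaps

def overall_ratio(counts):
    """Primary KPI across all applications; 0.0 when there are no sign-ins."""
    num = sum(n for n, _ in counts.values())
    den = sum(d for _, d in counts.values())
    return num / den if den else 0.0

if __name__ == "__main__":
    per_app, missing = mfa_kpi(EVENTS)
    print(per_app, overall_ratio(per_app), missing)
```

Counting failed attempts in the denominator lowers the ratio; if your source only records successful sign-ins, the two readings of "Total sign-ins" coincide.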
COLUMNS DISPLAYED ON THE DETAIL DASHBOARD
- Compliance Status
- Unique Sign-in – string to identify a sign-in event
- Application Name, Application ID – identifiers for the application being accessed
- Is Admin – whether this account is an Admin in the application being accessed
- Sign-in Time, Sign-in Source – time of the sign-in, and the source providing the sign-in record
- Employee ID, Employee Email, Employee Full Name, Employee Job Title – Employee information
- Manager Employee ID, Manager Full Name, Manager Email Address – Employee's manager
- Executive VP, Senior VP, VP / Executive Director – Management chain for the Employee
- Level 5, Level 6 – Additional levels of management for the Employee
OCSF TABLES USED BY THE DASHBOARD
- Authentication [3002]
- User Inventory Info [5003]