Multifactor authentication receives a lot of attention in healthcare environments because of the way the technology...
can better protect against unauthorized data access.
As its name implies, multifactor authentication refers to the simultaneous use of two or more verification mechanisms. Access is granted to protected resources only if the person who seeks access is able to successfully complete all required forms of authentication.
Multifactor authentication examples have existed in one form or another for many years. In recent times, however, one of their primary goals has been to eliminate traditional passwords. Passwords can be difficult to remember (because they change frequently), may be easily compromised and can lead to chain-reaction breaches when a user chooses the same password to secure multiple, disparate resources.
Take the common mistake of using a "work password" to also log in to a favorite retail website. This shortcut introduces a significant security risk. If a criminal infiltrates the e-commerce site, then the hacker may attempt to use customer passwords to access other resources.
Among multifactor authentication examples, I am seeing biometric-based authentication being considered more by organizations. For instance, fingerprint recognition has become popular in recent years, with many laptops now including built-in fingerprint readers.
Facial recognition is also gaining popularity in healthcare environments. Facial recognition technology is natively supported by Windows 10 and can allow a user to log in automatically. Because this technology can be used as a hands-free form of authentication, it has benefits for healthcare sites in which staff members often carry diagnostic equipment or mobile devices.
Other multifactor authentication examples used in healthcare environments include token authentication, in which a user gains access via a physical object that interacts with a security system. This verification method comes in many different forms, but is often based around a trusted device. One way to use the token approach is to design a system to recognize a user's smartphone as a digital certificate and treat the possession of a trusted device as an authentication type.
Dig Deeper on Electronic medical records security and data loss prevention
Related Q&A from Brien Posey
Bloatware isn't just annoying -- it can negatively affect OS security, for example. Find out ways to get rid of Windows 10 bloatware once and for all... Continue Reading
Is your Google data protected? Make sure you are backing up G Suite files, because Google doesn't provide the comprehensive protection you'll need to... Continue Reading
Hyper-converged systems, like any other, require data protection. We describe using RAID and erasure coding for hyper-convergence to help you pick ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.