Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

An organization has all the regular controls you can think of for network and sy

ID: 657746 • Letter: A

Question

An organization has all the regular controls you can think of for network and systems protection from the 10 security domains. External login access to the organization's services is protected with 2 factor authentication. As an improvement on security posture, it is suggested that 2 factor authentication could be enabled on all user workstations. Given the fact that security controls ranging from physical security to logging access are well implemented, what are the pros and cons of implementing 2 factor authentication on all workstations of the organization?

Explanation / Answer

You could gain security by having that the physical access card, that is used to open doors in organization, must be placed on a Reading pad or inserted in a smart card reader, and kept there to keep the computer logged in. As soon as the card is removed, computer is forcefully logged out. (shutdown /l /f /t 0)

I would advise against locking the computers instead of logging out them, both for security, but also so shared computers do not get "locked up" by careless users. Better to log the computer out, if the user want to continue working, he has to save his work prior to removing the card.

If this card is used to access basically all doors in the organization, even for the exit direction, even toilets and lets say vending Machines, coffe Machines, copy machine, printer, etc

then it will become a habit of the workers to actually Always bring the card with them when going anywhere.

This means that you dont need to logout the session after inactivity.

This means you can actually use it with a one-factor login (only card) instead to make the login extremely convient for the user. To protect against lost cards, you could have that the card needs to be presented and a PIN code needs to be entered, at the front door or lobby area, to enable the card for 12 hours.

Thus on the beginning on work day, the user has to use card+PIN to activate the card. After this, the card will work for 12 hours, in all doors and on all computers where the user is allowed to be.

Related Questions

An organic compound absorbs strongly in the IR at 1687 cm^-1. On oxidation it is
Question #989138
An organic compound contains carbon, hydrogen, and sulfur. A sample of it with a
Question #878601
An organic compound contains carbon, hydrogen, and sulfur. A sample of it with a
Question #878603
An organic compound contains carbon, hydrogen, and sulfur. A sample of it with a
Question #878636
An organic compound contains only carbon, hydrogen and oxygen. A sample of this
Question #993677
An organic compound found in groundwater and believed to be an envirotoxin was s
Question #613833
An organic compound found in groundwater and believed to be an envirotoxin was s
Question #755723
An organic compound found in groundwater and believed to be tin envirotoxin was
Question #614025
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
An organization followed an SDLC process for vulnerability remediation from deve
Next
An organization has an Internet connection and has been assigned the IP address

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.