Protecting sensitive information or application access with additional authentication is an important task, not just in the on-premise world. In particular, it needs to be extended to every sensitive cloud service used. There are a lot of variations for providing this level of security and additional authentication, such as certificates, smart cards, or biometric options. For example, smart cards depend on special hardware used to read the smart card and cannot be used in every scenario without limiting the access to a special device or hardware. The following table gives you an overview of different attacks and how they can be mitigated with a well-designed and implemented security solution:
Attacker | Possible security solution |
Password brute force | Strong password policies |
Shoulder surfing Key or screen logging... |