Enhanced Identity Security
The last section of this chapter will cover some of the more enhanced capabilities you should be reviewing and deploying to best protect your identities. This includes providing biometric capabilities, moving to both phish-resistant MFA and passwordless, deploying a risk-based type of protection that can leverage AI capabilities, and ensuring your identity-based activity is being sent to your SIEM for 24/7 monitoring and review.
Biometrics
If you recall the Authentication section from earlier in the chapter, biometrics was referenced as a Type 3 authentication method to confirm your identity. Type 3 authentication is something that you are. Because of this, biometrics provides a much more secure method to authenticate as your biometrics are unique to you as a person and they can’t easily be replicated, making it very difficult to compromise. In addition, biometrics provides a much-improved user experience as you don’t need to remember...
