Evaluation of Multi Factor Authentication for Hybrid Cloud Enterprise Applications
“Many options are not transparent. They need to be explored and evaluated with care. What you see is not always what you get.”
― J. Grant Howard, Balancing Life's Demands: A New Perspective on Priorities
Halil Cenik, 2019
Bachelor Thesis, Bachem Holding AG
Betreuende Dozierende: Claudio Giovanoli
Keywords: Evaluation, MFA, Multi Factor Authentication, IT Security, AD FS
The client is a technology company active in the field of biochemistry. The current login to all their enterprise applications consists mainly of a user name, which is mostly the own name and a self-chosen password. This login process should be made more secure by using a multi factor authentication method to increase the protection of sensitive data.
Therefore it was commissioned to carry out an evaluation of multi-factor authentication for enterprise applications. A comprehensive common solution is the desired final result.
In the beginning, all the relevant services that were externally accessible needed to be identified. Then they all were analysed separately to figure out which ones needed protection with multi-factor authentication. This happened first through a data classification followed by a risk assessment. Afterwards, the possibility for service integration into the present identity provider needed to be investigated. Only after this preliminary work was done, the evaluation process for potential solutions began. Through analysing all third-party options available, a selection process determined which candidate would offer the most benefits for a reasonable price.
The first result of this project was the determination of all the relevant services, which were mostly declared confidential and could lead to potential threath in theft situations. Then based on these foundings a search for a potential provider for multifactor authentication solutions started. As evaluation conclusions, three suggestions were made matching the requirements set in the beginning. They are all from one provider, namely from Microsoft Azure, because they either offer a very cheap license model, which is significantly different from the rest, or offer more features in a different edition, which, with regards to the future, can also be very beneficial for this company.
Studiengang: Wirtschaftsinformatik (Bachelor)
Fachbereich der Arbeit: Wirtschaftsinformatik & IT-Management