The four types of authentication claimed by some cyber security vendors are:
Traditionally cyber security has thought of only 3 authentication factors. Something that you know, you have, or you are. But as vendors have tried to find new ways of measuring "something you are" they have started to measure behaviour. Specifically how people use a mobile phone or computer.
This means that strong authentication can be used on more devices. It removes the need for fingerprint scanners or cameras for facial recognition. And allows more people to access to strong authentication.
But it doesn't change the foundation of the three factors of authentication:
'Highly visible people' are the people easiest to identify in your business or school. You need to know who these people are, as they will be the ones hackers will most likely target.
Hackers are predictable. They always start by gathering as much information as possible about your organisation. This can be technical details but is increasingly focussed on the people who work for you.
Once hackers know who works for you, they use two main ways to…
A data breach event is one time your team’s email and password was lost as part of a data breach. For example, Jane in sales losing her password as part of the LinkedIn data breach.
This information can show that some people in your team have lost passwords in many data breaches. Whereas other team members have lost a password only once. This can help in prioritise who could pose a more significant risk to your organisation.