Use Case - User Authentication From Different Device Types
Recommended Implementation Details
Scenario User authentication from both a mobile and non-mobile device within an active authentication session
Description Access Management will be configured to detect user authentication from multiple device types within the same authentication session. If multiple authentications are identified, Access Management will force an MFA Challenge. If the MFA Challenge fails on a mobile device, the Enterprise Mobility Management (EMM) application will lock the device as a possible compromised device.
IDSA Security Controls
Success Criteria
  1. End User is able to access desired applications
  2. Access Management enforces MFA as appropriate