Nested Knowledge

Bringing Systematic Review to Life

User Tools

Site Tools


wiki:policies:dualauth

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Last revision Both sides next revision
wiki:policies:dualauth [2021/11/26 20:57]
kevinkallmes
wiki:policies:dualauth [2023/04/13 15:02]
katcow
Line 3: Line 3:
 ===== I. Purpose ===== ===== I. Purpose =====
  
-This policy outlines our planing related to the implementation of advanced authentication of users who connect to Nested Knowledge information systems. We are committed to protecting the security, privacy, and integrity of Nested Knowledge information systems.+This policy outlines our planning related to the implementation of advanced authentication of users who connect to Nested Knowledge information systems. We are committed to protecting the security, privacy, and integrity of Nested Knowledge information systems.
  
 ===== II. Scope ===== ===== II. Scope =====
Line 26: Line 26:
 === Authentication with Client Data === === Authentication with Client Data ===
  
-In cases where a clien grants Nested Knowledge access to data with the explicit requirement of multi-factor or other authentication in order to be granted access to client data, we will adhere to the level of authentication required by the client. Where clients upload data to the Nested Knowledge platform or to any cloud managed by Nested Knowledge without explicit requirement, we will adhere to the level of authentication outlined in this policy.+In cases where a client grants Nested Knowledge access to data with the explicit requirement of multi-factor or other authentication in order to access the data, we will adhere to the level of authentication required by the client. Where clients upload data to the Nested Knowledge platform or to any cloud managed by Nested Knowledge without explicit requirement, we will adhere to the level of authentication outlined in this policy
 + 
 +=== Cloud Based Applications === 
 + 
 +Our most sensitive systems, such as our cloud resources on AWS do require MFA--we use virtual MFA device authentication (specifically, the Google Authenticator app
  
 ===== Revision History ===== ===== Revision History =====
Line 35: Line 39:
 |K. Kallmes|11/26/2021|Draft approved| |K. Kallmes|11/26/2021|Draft approved|
  
 +[[:wiki:policies|Return to Policies]]
wiki/policies/dualauth.txt · Last modified: 2023/10/06 21:53 by katcow