To increase access security to its EDP systems, the UoC needs to provide an additional authentication factor for each user for different EDP services.
In addition to safeguarding users, the devices and applications used will also be examined for their security risks. To meet these requirements, a Zero Trust model is to be used. According to the model, access to systems is only allowed if users, devices and applications demonstrate trust.
The solution must belong to the "Zero Trust Solution" product group. The most important features are:
The solution must provide a second authentication factor.
In addition, the operating system or the accessing application (e.g. the version of the web browser) must be checked before access, so that access to the UoC systems is granted if the check is successful.
Context-sensitive, risk-based authentication is required. For this purpose, a number of risk signals must be taken into account. It must be determined whether subsequent authentication attempts will require a more secure form of authentication if a risk has been detected. Here, among other things, the so-called Wi-Fi fingerprint is to be used to notify the UoC of any changes. In this way, the location of the authentication can be determined accurately and in compliance with data protection regulations, even without GPS or GeoIP. The Wi-Fi fingerprint is therefore to be used as a risk signal.
The software must offer the possibility to register devices at login, which are then classified as trustworthy (trusted endpoint). This must work both together with mobile device management (MDM) and without MDM for Bring Your Own Device use, e.g. students and all users who use their own device. For example, it must be possible to directly block attacks that are typically launched from third-party devices.