Hestia Double Factor Authentication System to improve security
This post is over 1 year old. Content may not be up to date.
- Beast
Hèstia incorporates new inquiries from Via Oberta
Authenticating with a multifactor or double factor in Hestia will add an extra layer of protection to our data. This security measure can be the difference between being vulnerable or not in the case of cyberattacks, as it greatly increases the difficulty for potential attackers on gaining access to our system access credentials.
That is why at Hestia, due to the sensitivity and the level of protection we have to guarantee the data we collect and process, we are forced to apply a double authentication factor. The mandatory use of the Hestia will be from 18 May of 2020. This measure is aligned with the guidelines of the National Security Scheme.
Users will need to identify themselves as always with their username and password and a second added option that they will have previously chosen and configured:
- T-CAT / T-CAT P (*recommended option): With this option you only have to access the Hestia through the button "Access with Certificate". If you have a Digital Certificate of Identity, this is the best option (DNIe also works)
- With a Verification code installed on your mobile: This is an easy and cost-free solution that does not affect the terminal, whether it is particular or not. You need to configure the option by following the instructions that appear when you click the "Sign in" option. You only need to configure it the first time
- With a Verification code installed in your browser of the user's pc / laptop (each potential user of the same pc / laptop must have the verification code installed in their Windows session). You only need to configure it the first time
In case of forgetting the mobile or any other case, the coordinator or support staff can force the restart of the second factor, by clicking on the button "Reset MFA" in the same section of user settings inside the 'Beast. The user will have to reconfigure the new factor chosen in the first new access.
Faced with the current crisis in which we find ourselves, and the reality of not being able to do without the activity that the basic teams of social services carry out with the most vulnerable groups of people, either in person or through telework, from the Consortium AOC has enabled the option to be able to identify with double factor, from the section of configuration of the users, for all that so decides it. This option aims to help prevent system vulnerabilities and access to ABSS data by outside and unwanted entities, by connecting professionals in many cases from their private computers.
Also, we want to emphasize the recommendations made from the Quick Guide to Telework Safety published on the AOC website.
The AOC Consortium wishes to wish the best of all Basic Social Services teams in these difficult times and thank and acknowledge their unconditional dedication to the people.