18 lines
946 B
Plaintext
18 lines
946 B
Plaintext
|
Disabling certificate-based authentication can reduce an organization's
|
||
|
|
ability to react against attacks on its critical functions and data.
|
||
|
|
|
||
|
|
Azure offers various authentication options to access resources: Anonymous
|
||
|
|
connections, Basic authentication, password-based authentication, and
|
||
|
|
certificate-based authentication.
|
||
|
|
|
||
|
|
Choosing certificate-based authentication helps bring client/host trust by
|
||
|
|
allowing the host to verify the client and vice versa. It cannot be forged or
|
||
|
|
forwarded by a man-in-the-middle eavesdropper, and the certificate's private
|
||
|
|
key is never sent over the network so it's harder to steal than a password.
|
||
|
|
|
||
|
|
In case of a security incident, certificates help bring investigators
|
||
|
|
traceability and allow security operations teams to react faster. For example,
|
||
|
|
all compromised certificates could be revoked individually, or an issuing
|
||
|
|
certificate could be revoked which causes all the certificates it issued to
|
||
|
|
become untrusted.
|