• Register

Multi-Factor Authentication: You Have No Choice But to Comply

Fotolia 56015865 XS 1If one thing is clear about enterprise security, it’s that it absolutely cannot be ignored if your organization hopes to protect your business' most lucrative assets. One of the ways in which your business can improve their security practices is by implementing across-the-board multi-factor authentication solutions.

The key benefit of implementing multi-factor authentication is that it creates stronger security for your solution. Two-factor authentication makes it much more difficult for hackers to infiltrate your network and steal data. Companies that institute a multi-factor authentication security solution take advantage of the addition of a secondary set of credentials, often through a key code sent to a fob or mobile device. These credentials are used to supplement the traditional password and username, providing another layer of security. While these measures might make things more challenging for hackers to infiltrate your company’s network, what happens if your credentials are acquired by hackers?

What Happens to Stolen Credentials?
Hackers can steal credentials in a variety of ways, ranging from something as simple as a spam campaign, to elaborate social engineering schemes such as whaling (CEO fraud) or spear phishing tactics. Other times, they might use keyloggers or spyware to collect data en masse and sift through it for important information. The easiest way for nefarious parties to obtain your stolen credentials, however, is to purchase it from other hackers. Stolen credentials have become quite lucrative and can be sold on the black market for a hefty price.

Another reason why hackers would want your credentials is for the purpose of committing fraud. Often times, they can get all of the information that they need to steal identities just form data dumps, which could include Social Security numbers, email accounts, addresses, phone numbers, and other potentially compromising information. Furthermore, “hacktivists” like WikiLeaks and other agencies have been known to expose stolen data or documents to the public in an effort to produce “transparency,” but the results are often more detrimental to the organization involved than they are helpful to the public. If your organization has multi-factor authentication and you are involved in one of these data dumps, where credentials become exposed to the highest bidder, the extra layer of protection is advantageous.

Why Multi-Factor Authentication Has Become So Important
While it’s clear that multi-factor authentication is essential to the security-minded CIO, there are other reasons why you have to begin to consider securing solutions with multi-factor authentication. It’s quite possible that in the near future, multi-factor authentication will be required to be set up as part of a regulation. For example, the University of Texas has recently declared that anyone associated with the university must be using the college’s own multi-factor authentication tool to augment their safety practices.

Additionally, the White House is also encouraging organizations to get started with multi-factor authentication as soon as possible. The National Cyber Security Alliance has declared that multi-factor authentication should become a top priority, as well as stressing the importance of educating users in solid cybersecurity practices. You can review their announcement here for more information. If the United States government makes an official statement about an issue, chances are that your enterprise can’t afford to ignore it.

Furthermore, according to the Verizon Security Report from 2016, organizations have much to fear from online threats of all different types--not just those involving the theft of credentials or data. 63 percent of confirmed data breaches in 2016 took advantage of weak or stolen passwords, and especially the default settings on new devices or equipment. These incidences amounted to 1,429 cases of confirmed data disclosure, with the majority of these cases involving static authentication (the normal, unsecured password method).

How to Implement Enterprise-Level Multi-Factor Authentication
Before committing to a multi-factor authentication protocol, consider exactly what you hope to achieve with it. For example, what type of protection are you considering? PCWorld explains that there are typically three ways that a multi-factor authentication tool works:

  • Something you know: This includes a password or a PIN.
  • Something you have: A physical security device, like a USB key or a key card, counts as this.
  • Something you are: Biometric technology like retina or fingerprint scanners.

While certainly better than nothing at all, the first two options for multi-factor authentication allow more room for error than using biometric technology. Passwords or pins can easily be intercepted or guessed, and devices like USB keys or key cards could be physically stolen and used to steal data locked behind your defenses. Something like a fingerprint or retina scan is much more difficult to replicate.

A solid approach to implementing multi-factor authentication is to start with your email address. This is where everything tends to start and end. Once you’ve done this, you can move onto other accounts. If you use a password management solution, this is one that you absolutely cannot overlook. Considering how your password manager has access to countless credentials, it’s especially important to secure it behind multi-factor authentication. Keep in mind that many online accounts already offer multi-factor authentication solutions, so be sure to investigate which ones offer it and implement as many of them as possible.

This just leaves your network infrastructure to worry about, but the situation to this issue will vary depending on your enterprise’s needs. Keep in mind that the management of mobile devices like laptops and smartphones should also be strategically aligned with your organizational security practices.

If your enterprise needs assistance with setting up multi-factor authentication, our experience professionals can help. IronEdge Group has knowledgeable technicians who are dedicated to securing your organization’s IT. To learn more about what we can do for your organization, reach out to us at 800-987-4766.

Mobile? Grab this Article

Qr Code
Contact us to discuss your technology needs.
We take the time to understand your technology needs and business goals.