Friday, 6 March 2020

Why You Should be Using 2 Factor Authentication Right Now!

In this article, we explore two-factor, or multi-factor, authentication as a much more secure and human-friendly solution.

According to the Verizon 2019 Data Breach Investigations Report, 62% of breaches not involving an Error, Misuse, or Physical action (in other words, wounds that weren’t self-inflicted) involved the use of stolen credentials, brute force, or phishing.

This alarming statistic demonstrates how much of a weak link traditional password practices are in the security chain for many businesses.

What’s wrong with traditional passwords?

With cybersecurity becoming a truly critical issue for businesses, the issue of authentication has come to the fore. Authentication – how to improve secure access to IT resources and data – has featured consistently in the cybersecurity landscape in recent times.

Businesses of all sizes, spanning all sectors, are now looking to improve authentication processes in the hope of securing their networks. We’ve all known for quite some time that password strength is a key element in the fight against cybercrime, yet an alarming proportion of people have remained lax in their password practices.

Despite knowing that weak passwords present a security risk, all too commonly people shun strong passwords in favour of easy-to-guess options such as ‘password’ or ‘12345…’. And then they use this same combination across all accounts. The reason for this is obvious; people simply can’t remember numerous different and complex passwords.

In an attempt to combat this problem, many companies have implemented measures such as enforcing a strong password policy and blacklisting commonly used words, e.g. password, admin, login, hello, etc. This, however, has not solved the problem.

Instead it has led to additional security problems because, in response, people have turned to password managers, sticky notes and other shortcuts to help them remember their passwords. This simply provides attackers with more options, giving them more places to look when attempting to gain access to protected systems.

Due to the rise in cybercrime and the increasing recognition that passwords are a weak link in the security chain, the drive to replace traditional passwords with more secure technology has gained momentum in recent times. The solution? Two-factor, or multi-factor, authentication.

Why two-factor authentication is much more secure

Two-factor authentication is being widely adopted as a much more secure way of gaining access to systems such as online banking, Apple, Gmail and Outlook.com. This approach relies on multiple verification steps to authenticate a user. Such steps may include traditional usernames and passwords, but with additional security layers such as biometrics or one-time authentication codes sent to a separate, trusted device.

For example, the user may opt to have a code sent via text or phone call to their mobile phone. This presents a significant problem for hackers because it prevents them from being able to gain access to systems simply by knowing or guessing the password or using a password hacking tool. They would need additional information, such as the user’s biometric data or physical access to the trusted device, which is an unlikely set of circumstances.

As such, two-step authentication goes a long way to solving the security pitfalls associated with traditional passwords.
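The two-step flow described above, sketched as an added example that is not part of the original article: a password check followed by a one-time code that expires, works only once and tolerates a limited number of wrong guesses. The class name `TwoStepLogin` and the values of `CODE_TTL` and `MAX_ATTEMPTS` are assumptions chosen for illustration.

```python
import hashlib, hmac, secrets, time

CODE_TTL = 300      # seconds a code stays valid (assumed value)
MAX_ATTEMPTS = 3    # wrong guesses allowed per code (assumed value)

def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

class TwoStepLogin:
    def __init__(self, clock=time.time):
        self._clock = clock
        self._users = {}     # user -> (salt, password hash)
        self._pending = {}   # user -> [code hash, expiry time, attempts left]

    def register(self, user, password):
        salt = secrets.token_bytes(16)
        self._users[user] = (salt, hash_password(password, salt))

    def start(self, user, password):
        """Step 1: check the password; on success issue a code for the trusted device."""
        record = self._users.get(user)
        if record is None or not hmac.compare_digest(
                record[1], hash_password(password, record[0])):
            return None
        code = f"{secrets.randbelow(10**6):06d}"   # CSPRNG, not random.random()
        self._pending[user] = [hashlib.sha256(code.encode()).digest(),
                               self._clock() + CODE_TTL, MAX_ATTEMPTS]
        return code   # a real system sends this out of band, never back to the browser

    def finish(self, user, submitted):
        """Step 2: accept the code once, before expiry, within the attempt limit."""
        entry = self._pending.get(user)
        if entry is None:
            return False
        if self._clock() > entry[1]:
            del self._pending[user]   # expired code is discarded
            return False
        if hmac.compare_digest(entry[0], hashlib.sha256(submitted.encode()).digest()):
            del self._pending[user]   # single use: a replayed code fails
            return True
        entry[2] -= 1
        if entry[2] <= 0:
            del self._pending[user]   # too many wrong guesses: the code is void
        return False
```

A stolen or guessed password alone gets an attacker only as far as `start()`; without the code delivered to the trusted device, `finish()` never returns `True`.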

The same Verizon report mentioned earlier also says: "2FA everything. Use strong authentication on customer-facing applications, any remote access and cloud-based email."

How can businesses implement two-factor authentication?

There are several ways that businesses can implement two-factor authentication. Some companies choose to build their own system, using, for example, a service which sends SMS codes to users’ devices or having physical tokens for the second layer of authentication. These methods, however, are usually not best suited to SMEs as they can be costly and time-consuming to implement and manage.

The simplest way for SMEs to implement two-factor authentication is to invest in a multi-factor authentication solution provided and managed by a trusted vendor. A good example of one such solution is that provided by DUO.

The DUO solution offers a range of options for second factor authentication, to support all users, including one-time passwords, phone callback, SMS passcodes, Universal 2nd Factor, the DUO mobile app, “hard tokens” and more.

In addition to verifying trusted users, the DUO solution ensures that only trusted devices can gain access, by checking the security health of users' devices and blocking those that are risky.

DUO protects all applications, whether they are on premise or cloud-based. Businesses can choose from a range of affordable packages depending on their needs and there’s even a free version for those with limited and basic requirements.

Double-up on your IT Security today!

If you’re still using outdated password practices in your business, it’s time to rethink.

As time goes on, cybersecurity is becoming an increasingly critical issue. If passwords are the weak link in your security chain, then two-factor authentication can provide a simple and effective solution.

Find out more about our Two Factor Authentication solution here.

Or to discuss 2 Factor Authentication solutions, contact us at Grant McGregor today on 0808 164 4142.