Why every business needs to deploy a multifactor authentication method.
The internet has transformed our lives by making the purchase of goods and services much faster and convenient, but all of that comes with a cost. The online world presents risks in personal and professional security. Just how big are these risks?
A study by the Clark School at the University of Maryland revealed that a hacker attacks a computer with Internet access every 39 seconds, affecting one in three Americans every year. The nonsecure usernames and passwords we use give attackers a greater chance of success. Today, 54% of consumers use five or fewer passwords for all their accounts; that’s a risky security practice that allows hackers to take down multiple accounts just by cracking one password.
According to the 2018 Verizon Data Breach Investigation Report, 81% of data breaches over the last few years have been associated with passwords. Computers don’t know when a password has been compromised; they grant access to anybody who can get in.
This lack of proof of identity is an obvious flaw in using solely passwords for security. Highlights of this whitepaper include:
What is Multifactor Authentication? (MFA)
Multifactor authentication (MFA) is a security practice that requires more than one method of authentication from independent categories of credentials to verify the user’s identity for a login or other transaction.
3 Important Reasons to Deploy MFA
1. Protection of User Identity, Specifically Email Accounts
In phishing campaigns, attackers send emails with urgent subject lines to get users to open them. Phishing emails typically include a link that redirects users to a malicious site that downloads malware on their devices, or a link to a spoofed website with a login form to steal user credentials.
2. Protection of User Devices
With the advent of bring your own device (BYOD), users are using their own devices, such as smartphones, laptops and tablets, to log into work applications remotely.
3. Application Protection
Web applications can be accessed via your browser, and include services such as email, data storage, collaboration and productivity apps that require no local hardware or software installation to use. It makes it fast, easy and reliable for users to log into resources with just a browser and Internet connection. Plus, it’s easy for remote contractors and third-party vendors to access your web apps with a set of credentials in order to do their jobs.
Ensure 4 Points of Trust
1. Trusted Access Right Networks partners with Duo Security (a Cisco Company) to verify the identity of your users and the security health of their devices before they access the applications you want them to access.
2. Trusted Users MFA provides a second check after your users enter their usernames and passwords to verify their identities. Employ a cloud-based two-factor solution and use secure methods, like push notifications or a U2F device to complete authentication. SMS-based two-factor authentication is no longer secure according NIST standards, as SMS messages can be easily intercepted or redirected by remote attackers.
3. Trusted Devices Endpoint visibility allows you to avoid the risks associated with known vulnerabilities. Use an endpoint visibility solution to check every device for the latest software, including operating systems, browsers, and plugins like Flash and Java. Check devices to ensure they have important security features enabled, like screen lock, fingerprint identification and a passcode to keep intruders out.
4. Trusted Applications Strong access controls and device security checks are only effective if they’re applied to every application. Create custom access policies and controls on a per-user-group and per-application basis to restrict remote user access. Give your users access to only what they need to do their job. This principle of least privilege can reduce the scope of risk if their account or device is compromised.
With security threats constant, passwords alone are not enough to secure your organization’s data. Using MFA is the only way to minimize risk by adding extra layers of protection. Even better? Right Networks uses Duo Security, the leader in MFA technology, to authenticate over 180,000 user identities every day.
Join our mailing list and get all of the latest news delivered straight to your inbox.