Taking care of employees is crucial for attracting and retaining top-tier talent. A progressive company culture, competitive salaries, and traditional benefits will always be a strong foundation for a...
Fraud & Cyber Security
|
3 min read
Each day, we all use authenticators to prove our identity and establish trust. Whether it's accessing our cell phones, bank accounts, or our employer's network, authentication is a part of our daily life. Without authenticators, establishing trust would make business transactions very difficult, and without secure authentication, an imposter could severely damage a business’ financial interests and their digital persona. Proving identity is increasingly important as we use global online services and surround ourselves with the internet. In this blog post, we’ll discuss the value of using multi-factor authentication in your company’s cyber security efforts, and give you tips for further protecting your organization’s sensitive information.
When it comes to protecting your data, two is better than one!
Account takeover is a serious cyber security risk to both businesses and individuals. If someone steals credentials, they may wreak havoc in minutes that could last for a very long time. Since many people reuse passwords for multiple accounts, losing one set of credentials puts more than just one service at risk. Credential reuse is risky—it’s like putting your only copy of all of your keys on the same key ring and then losing it.
Multi-factor authentication (a.k.a., two-factor authentication, 2FA, MFA), is a second layer of security that requires you to provide an additional credential with your account password. The second factor may be an SMS-code, app-generated code, app touch, fingerprint, face scan, or even a physical key. Adding a second factor lowers account takeover risk, because the attacker has to defeat two controls to gain access to an account.
Common Multi-Factor Authentication Methods
-
SMS (text message) is a popular second-factor implementation to receive a one-time password (OTP). However, this factor is susceptible to phone number porting scams and Subscriber Identity Module (SIM) swapping attacks.
-
Authenticator apps such as Okta Verify, Google Authenticator, and Microsoft Authenticator are installed on mobile devices and linked to accounts to provide one-time codes that are only valid for a short time. While effective, you must have the mobile device, which could be lost or stolen. Note: If your device does not have password or passcode, your second factor is exposed.
-
Phone call is a second factor when mobile devices are not allowed, such as in clean rooms (an environment free from dust and other contaminants) and call centers. Upon authentication, you will receive a phone call to verify your access.
-
A security key is the most secure second factor and serves as a physical key to your account. To access the account, the security key requires physical access to the device to complete authentication.
-
Biometric authentication is a method of verifying a user’s identity using their unique biological features, such as fingerprints, facial structure, iris composition, or voice.
Multi-Factor Authentication—an Added Layer of Security
While multi-factor authentication may seem like a burden to many, it is nonetheless a critical security control. The time spent using a second factor is significantly less than the time it would take to recover from identify theft, data loss, or reputation damage. We encourage you to enable multi-factor authentication proactively on your company’s sensitive accounts.
Like other forms of insurance, you need protection before an incident occurs. While it may be impossible to completely protect your organization from a cyber-security breach, you can protect your business from the aftermath by having a comprehensive cyber liability insurance policy.
We can provide you with a free analysis of your current Cyber Liability Insurance, or if you don’t have one, we can develop a Cyber Liability Insurance policy that is right for you and your company. Click the banner below to get started!
Let Us Know What You Thought about this Post.
Put your Comment Below.