The lock pick and ski mask are officially old hat. Nowadays, if someone wants to take your valuables, they can easily pick your pocket while sitting comfortably at their desk. High profile cyber-security breaches are making headlines daily, so it’s baffling that still to this day the world’s most popular password is 123456. With World Password Day on May 2, now is the perfect time to re-assess your approach to password management and also #LayerUp by utilizing one of the most useful data theft deterrents we have today; multi-factor authentication (MFA).
Layering Up with Multi-Factor Authentication (MFA)
Okay, so your password isn’t just the word “password,” but to truly be vigilant against cyber-attacks, you’ll need to get familiar with MFA ASAP. Multi-factor authentication is a security system that requires multiple forms of authentication from different categories of credentials to verify user identity. This practice is already widespread with many common real-world applications, such as banks requiring you to swipe your card and then enter your pin or having to reply to a text message when you change your e-mail password. With many companies already struggling to find effective methods for storing passwords and re-using combinations out of convenience, adding multiple authentications has emerged as the solution of choice because of its ability to more effectively determine user identity.
Choosing Personalized Authentications
As CPU processing speeds increase, cyber-attackers are managing to access systems quicker than ever with the latest methods (such as GPGU password cracking and rainbow tables) while cracking 14-digit passwords in less than three minutes. Therefore, you’ll need hyper-specific authentications that help differentiate the malware bots and cyber attackers from the members of your team. The three categories of authentication types are:
- Knowledge: Something only you know (ex. a personal password)
- Possession: Something only you have (ex. a key fob or smartphone)
- Inherence: Something only you are (ex. fingerprints or retinas)
Combining these processes makes credential theft much harder and can cause potential attackers to move on to lower hanging fruit more quickly. And with current technological advancements, there are many options on the table to use to stay secure.
Options Provide Convenience
With that in mind, adding more hoops to jump through when you need to access essential systems isn’t going to be convenient, so it’s best to choose a process that fits your specific situation the best. Any MFA solution should adapt to your team’s needs and not the other way around. Some popular options to consider are:
- SMS/Text Messages: Users receive codes in messages sent to their work smartphones
- Phone Calls: Users receive phone calls and provide answers after a voice prompt
- E-mails: Users receive links via e-mail
- Security Questions: Users answer pre-determined questions
- Hardware Tokens: Users carry a small hardware device like a key or smart card
- Software Tokens: Users use a phone app or software-based application on an existing device
The Ultimate Lock: MFA Managed by An MSP
If you’re looking for absolute top-level security, consider working with a Managed Service Provider (MSP) to help you make the right decisions for your business. A top-of-the-line MSP like AdRem Systems can keep you secure from top to bottom by creating and storing unique passwords, selecting the proper MFA methods, and training your team to implement a multiple authentication system effectively. Contact AdRem today.