What do the celebrity photo leaks, Dropbox’s password security breach, and nearly all of the most recent high- and low-profile security breaches have in common? Password management. These data breaches began with cracking users’ passwords. Passwords are the weakest link. They’re both easy to steal and notoriously easy to crack. Hackers, viruses, and malicious software like keyloggers regularly harvest passwords, compiling them into massive databases that are often shared with other hackers. Despite the pleas to use strong, hard-to-crack passwords, many users continue to rely on weak, easy-to-remember passwords.
While you may not be concerned with how your employees secure their Google and Facebook accounts, you should be concerned with how they sign into your company network and its various digital properties. All it takes is one weak password such as “fluffy2017” or “password123” to put your company’s most sensitive information at risk.
Moreover, you may never know if your network has been breached. Your system logs will only show you a successful login; they won’t be able to tell you if the user who signed in was the actual user or an imposter.
For security reasons, companies use two-factor authentication to verify that the person who is attempting to access the network is the real person. The first factor is usually a username and password (strong, please) followed by a second factor that proves the person is who they say they are.
In a nutshell, two-factor authentication can use any two of the following three factors:
1. Username/password
2. Something in the user’s possession like a mobile phone or computer that can receive email or a text message containing a one-time verification code
3. A biometric like a fingerprint, facial recognition, voice recognition, or a retina scan
This two-step verification process creates a significantly more secure environment when you have employees who must access company-sensitive files both remotely and from within the office. By using two factors, even if a hacker guesses or has access to a user’s username and password, the second factor completely blocks access because the hacker simply does not possess that second factor.
From a management perspective, enforcing two-factor authentication makes perfect sense and is essential in securing your network. From a user’s perspective, it may seem like an extra step, and they may not understand the reasoning behind the change. If you make two-factor authentication optional, you may find that few users actually use it. At the same time, if you make it mandatory, you’ll need to address employee concerns as well as make sure that everyone has access to compatible devices, key fobs, or biometric scanners, which are used to authenticate the second factor.
As with any major change, participation rates improve when users understand the reasoning behind the change. Below are a few tips to help communicate the importance of two-factor authentication.
Implementing two-factor authentication is more involved than flipping on a switch. Choosing the right solution and strategy is essential. Quikteks Tech Support can implement and monitor two-factor authentication on your network. Call us today for a free network consultation.