By Ron Temske, Vice President of Security Solutions, Logicalis US
In this article, I want to talk about the importance of Multi-Factor Authentication (MFA) when it comes to providing a comprehensive enterprise security strategy. I’ll provide a brief overview of the technology, discuss why it’s so important and then identify some solutions in this space.
First, the idea of authentication is one that most of us understand. Put simply it’s a method for validating that we are who we say we are. Almost all modern systems provide access based on an authenticated user identity, so getting that correct is critically important, and getting it wrong can mean providing someone with bad intentions access to your privileged systems.
The challenge is that authentication that is simply based on a password alone can be easily compromised. Even if you skip the more common errors, such as simple to guess passwords, writing them on sticky notes, using the same password on multiple accounts, and other poor password and password handling choices, there are many tools that can crack most passwords in a short amount of time. End users often end up changing their passwords, sometimes making them simpler and easier to crack again.
Multi-Factor Authentication is a good method for solving this dilemma. The idea is simple – combine something you know (the password) with something you are or something you possess. The latter can be some type of token, either a physical card or hardware device, or an application running on your mobile device or received as a SMS, something you are may be some type of biometric factor, like a fingerprint or retina scan. Most of your end-users have already used multi-factor authentication whether they realize it or not. When they use their ATM cards to obtain cash, for example. The card is what they possess and the pin is what they know. Without both tightly coupled authenticators they cannot withdraw cash.
MFA is a good idea for all users, but it is also a mandated step by various security standards such as PCI-DSS. According to the Cloud Security Alliance nearly 22 percent of those who reported a breach said it was caused by compromised credentials. This means that a simple, and affordable authentication solution could protect against nearly one-quarter of all security breaches.
Additionally, we there are managed services built around these solutions where a security provider can either manage your new or existing environment, or provide a security-as-a-service solution. Whatever option you choose, an MFA solution is the right choice.
Read a two-part article exploring what an umbrella approach to security can look like in your enterprise – Part One: Potential DNS Vulnerabilities (http://ow.ly/Gd7Q307SBUE) and Part Two: A Secure DNS (http://ow.ly/kSuT307SCnY). Then, download an infographic displaying the benefits of Taking an Umbrella Approach to Security and one displaying the benefits of Transforming Internet Security with Big Data.