Have You Audited Your Apps Lately? Here’s Why You Should.
Our smartphones are our lifelines. They keep us connected, entertained, and organized. But our devices can easily become cluttered with so many apps...
"Only 11% of enterprise users make use of those tools (Speaking of MFA). That means a staggering 89% of accounts remain open to fairly simple attacks." Forbes
To understand multi-factor authentication, we can start by understanding what is ‘authentication’. When you go to log in to an account or device, for security purposes, there are some forms of proof that you have the authorization to be granted the access that you’re requesting.
The simplest form of authentication is the use of login credentials, such as a User Name and Password.
Unfortunately, many services or online accounts use an email address as the Username, to make it easier for them to manage multiple logins and provide high-quality support and customer success services.
This makes half of the log-in credentials for your company easy to guess. Using a tool like hunter.io, company addresses are easily discovered, or at least the structure of your email addresses is easy to discern, getting hackers and bad actors halfway into your systems.
While we would all like every employee to use the best password management techniques, unfortunately, this is a challenge in virtually every business and using some well-known techniques, passwords can be guessed or cracked.
That Means We All Should be Using Multi-factor Authentication
Multi-factor authentication is a methodology whereby someone is granted access to a computer, device, or application only after providing two or more pieces of evidence (the ‘factors’) that verify who they are.
Knowledge
Something that only you would likely know, such as your mother’s maiden name or the brand of your first car.
While this is an additional barrier, oftentimes these are discoverable given some effort or access to another of your accounts like your credit history.
Don’t take social media quizzes! This is one method of extracting information along these lines. Also, don’t use easily discoverable factors like your birthday.
Possession
Something that only you would have, like a USB drive or a key, or at an ATM, your debit card. This also relates to texting another device, such as a one-time SMS code to your mobile phone, the assumption being that you only would be in possession of it.
Oftentimes you will be sent a one-time password to regain access to your account or to change your password.
Biometrics
Is an advanced form of multi-factor authentication and, other than in Mission Impossible movies, very hard to beat.
Phishing attacks using COVID-19 as a lure are the most noticeable and immediate cybersecurity risk during this pandemic. Attackers are utilizing Credential Phishing, where they put up a fake login page to trick individuals/staff into entering their credentials.
Multi-factor authentication is a great form of defense against this as an added security measure that prompts a user for an additional form of identification upon sign in such as a 4-6 digit code sent via text.
If you only use a password to authenticate a user, it opens a vulnerability for a potential attack or breach. Many use the same password for multiple accounts and if your password is weak, or exposed on the dark web, it opens the door for an attacker to gain access to your account and sensitive information.
Here are some areas to get started:
Email: Office 365, Google G Suite
Cloud-based storage solutions; Dropbox, OneDrive, Google Drive, etc.
Banking and Financial Services
Social Media for your business and personal
Teknologize is a SOC 2 certified, Professional Technology Services company with clients throughout the Pacific Northwest. We have offices located in:
Questions about your IT or Cybersecurity? Give us a call today!
Our smartphones are our lifelines. They keep us connected, entertained, and organized. But our devices can easily become cluttered with so many apps...
The holiday season is here, bringing the excitement of discovering amazing deals during Black Friday and Cyber Monday. But while you’re hunting for...
Ah, the holiday season, when everything sparkles, sales soar, and your to-do list rivals Santa's naughty and nice list. For businesses, it's a time...