It has often been said that, now we are all firmly ensconced in the digital age, data is the new oil.
That’s to say that the exploitation of the newly-discovered oil reserves of the 19th century fuelled huge technological advancement, as well as helped to build huge fortunes. Today, the possession and manipulation of the right kinds of information are having a similar effect.
Alongside this phenomenon, it has also made the illicit and unauthorised possession of data something of a growth industry with hackers aiming to make use of it for their own nefarious reasons.
So, with businesses of every kind drawn from virtually every sector under threat, it is more essential than ever that they have the appropriate level of security in place.
The importance of having secure firewalls and other virus protection measures is well known. But often hackers can gain access to systems and information simply by obtaining users’ names and passwords.
Then, once they have gained access, they can find themselves at liberty to do everything from stealing data to holding organisations to ransom, sometimes for many millions of dollars.
This has led to a state of affairs in which simply having password authentication on its own is no longer a safe option. Hacking software is commonly available on the so-called “dark web” that is reckoned to be able to crack up to 90% of passwords.
It’s also meant that another very successful industry has emerged – one which includes high profile operators like Perimeter 81 who specialize in offering cloud-based security systems specifically dedicated to established and up and coming companies who are looking for cyber security.
As well as providing a cloud-based security platform with features such as Secure Web Gateway, Firewall as a Service and Device Posture Check, Perimeter 81 provides all encompassing network security.
Multi-factor authentication
The frailty of single-factor authentication, i.e, a simple user name and password, has led to the emergence of its far more secure sibling – two- or multiple-factor authentication.
By adding an extra stage, or stages, into the login process it has increased security hugely. Plus, whereas once it was simply a question of asking a question that was reasonably easy to answer from other sources like social media, these additional authentications are almost impossible to sidestep.
For example, instead of having to give a place of birth or a favourite pet’s name the secondary form of authentication can take various different forms that include:
- SMS messages
Following an initial login, the employee of the company receives a code via their phone that they then need to enter for access to the network or system.
This works in the same way as the above, except that the code is sent to the email address of the particular user. This offers the additional advantage that it doesn’t rely on there being a phone signal to receive it.
- Voice call
Less commonly used, some systems create an automated voice call to a specified phone number with the code.
- Hardware Tokens
This a form of technology often used for online banking options and uses a random number generator in a handheld device that generates the code that must be used within a specified time limit.
- Software tokens
Instead of having to provide a specific device, some authentication systems rely on an app being loaded onto a smartphone or other mobile device that randomly generates a code.
- Biometrics
The use of fingerprints, face recognition and even iris-scanning is increasing due to its convenience and security.
- Push notifications
A lesser-used method is the push notification, much like a calendar reminder, that simply sends a message to a smartphone needing a simple yes or no response.
Other advantages of multi-factor authentication
Over and above the obvious security benefits of 2FA and MFA, there are a number of other, perhaps less expected, ones that can have a very positive effect on an organisation’s profitability.
In line with the overall increase in remote working, secondary and muti-factor authorisation mean that devices can be secure wherever they are being used. This freedom to work away from the traditional office environment has an obvious knock-on effect in terms of overall productivity.
It’s also a fact of business today that every organisation needs an IT helpdesk. This may be an internal department or outsourced but, however it operates, it still represents a considerable overhead.
In numerous surveys it’s been found that up to 40% of the calls help desks receive are related to lost or forgotten passwords. Each one can take considerable time to resolve, time that could be spent on other more important tasks.
But the extra layer provided by MFA means that in most cases employees can be left to safely re-set their own passwords, leaving the IT Desk out of the loop entirely.
Last, but not least, the increasing use of cloud-based and app-based authentication like software tokens is making it ever cheaper to run totally safe and secure systems. It’s also why the sorts of businesses developing these are having no problem in raising funding for their development.
Staying one step ahead
That said, the challenges that they face going forward are likely to escalate. And, with more and more people working remotely and other practices set to change, it may well present the ever-inventive hackers with more chinks in the system to try to exploit.
It all adds up to the fact that this is a battle that is never going to end. But the more forms of authentication that are introduced, and the greater the security that they provide, will mean that business may be getting the upper hand at long last.