In the 21st century, data is the new currency, and protecting it is becoming increasingly difficult. Enterprises must be aware of what steps to take to safeguard their most valuable resource, including implementing authentication methods.
Along with the pressures involved in keeping up with a constantly changing economic situation, battling competitors and staying on top of industry developments, one of the most serious threats to any enterprise today is a cyberattack. Not only can a company’s entire system be crippled for days or weeks, but hackers are increasingly targeting companies’ customer data, which can then be sold to the highest bidder.
This threat affects all industries, including healthcare, government and retail. According to the latest Internet Security Threat Report from Symantec, in 2015 spear-phishing email campaigns increased by 55 percent; half a billion personal records were stolen; and ransomware campaigns, which seek to encrypt all your files until you pay a fee, rose by 35 percent. Enterprises are trying to fight back, using a variety of tactics in a bid to secure their data, including educating employees, putting robust security policies in place and employing the latest technology — such as Samsung’s Knox security platform — to thwart hackers.
Authentication methods are an increasingly popular security tactic for businesses, and by far the most widely used is two-factor verification.
How Does It Work?
Two-factor verification — also called two-factor authentication or two-step verification — works on the principle of “something you have and something you know.”
The “something you have” is typically your smartphone and the “something you know” is your password. Once you have two-factor authentication switched on, every time you sign into an online account from a new device (laptop, desktop, tablet, smartphone, etc.) you’ll be asked to enter a unique code which is sent to your smartphone.
Passwords alone are simply not secure. Given that 65 percent of people reuse passwords for multiple online accounts and hackers can use brute-force attacks to guess passwords, implementing two-factor verification is a must. Adding that extra layer of security means that even if a hacker is able to discover your password, they won’t be able to access your account without being in physical possession of your phone. Implementing these authentication methods across your enterprise is a smart idea, especially for employees who access sensitive data on a regular basis.
Methods of Delivery
The most widely used method of delivering the unique code is through SMS. While this method is extremely convenient, it’s also among the most susceptible to hacking.
A determined attacker will be able to intercept a text message coming to a user’s phone or clone a phone’s SIM and impersonate its user to gain access to all of their accounts. The level of security is also lowered by the need to have all messages go through a mobile carrier, adding another chink in the system’s armor. The National Institute of Standards and Technology recently released research pointing out that SMS is an old protocol with many potential security vulnerabilities.
Additional Measures
Fortunately, there are more secure alternatives available for enterprises hoping to implement authentication methods.
With the advance of technology, biometric authentication is increasingly becoming a viable method of verifying someone’s identity. To date, fingerprints have been the most popular method, but now businesses can also rely on iris scanning, which promises better security as it checks more points than fingerprints.
Authenticator apps — such as Authy — are another solution. Rather than having the codes sent to a phone, with an authenticator app, they’re generated on the device itself using cryptographic algorithms. While not foolproof, and still not supported by as many services as SMS verification, authenticator apps are a much more secure option.
Another solution is known as one-button authentication, which removes the need for entering a code completely, and instead asks users to simply click a button saying “Yes, that’s me.” It works on the principle that the user knows they’re trying to access an online account, because if they weren’t, they wouldn’t tap the prompt on their smartphone.
Finally, enterprises that really want to secure their systems could roll out standalone hardware keys that generate a unique code when signing into accounts from a new device. These keys are used by some banks as an added layer of security for customers signing into online banking, and make it virtually impossible for hackers to access those accounts — though it can be expensive to implement.
Using some form of two-factor verification makes it that much more difficult for attackers to breach your account, ensuring the safety of your company and customer data.
Developing a culture of security in your business starts with employee education. Follow these five tips to raise security awareness among your employees.