October 30, 2017

Are you who you say you are?

Controlling access to information is the key objective of computer security measures. And, a fundamental aspect of security is determining whether users are who they say they are when they attempt to log into accounts.

Blue Cross Blue Shield/Anthem, Equifax, Verizon, U.S. Securities and Exchange Commission, Deloitte and Whole Foods Market represent data breaches happening since June 2017 alone. The importance of closing weaknesses in software and limiting access to authenticated users cannot be overemphasized. Hackers will not stop their efforts, so we must step up ours.

Authenticating Users

Attempts to authenticate identity began with one-factor authentication. In this schema, users must correctly provide their username and the password associated with that username. Sadly, experience has proven that our passwords simply aren’t strong enough – or even mildly original.

A Huffington Post article released a “list of shame” when it came to 2016 passwords. It seems a lot of us rely on the same simple, easy-to-remember character strings such as “123456,” “Password” and “qwerty.” Even when we try to be more creative, inexpensive password-busting technology can easily crack conventional passwords. Or, we defeat the measures ourselves with sticky note memory aids displaying our credentials on the computer monitor or under the keyboard.

The Rise of 2FA

Against this backdrop, two-factor authentication (2FA) is gaining more widespread popularity. Sometimes known as two-step verification, it is a higher level of security that requires users to provide an additional credential beyond the username/password combination to access an account. Generally speaking, the third means of identification can take several forms:

  1. A piece of knowledge such as a PIN.
  2. A tangible item like a phone or fob.
  3. A personal biometric feature such as a matching fingerprint or voice pattern.

The addition of a third element adds another layer to security, and in so doing, eliminates many potential hackers from the mix. In fact, each successive security layer translates to a greater degree of difficulty for hackers to penetrate, much like the series of countermeasures fortresses of old employed.

However, in making accounts harder to hack, there is a concurrent decrease in the ease of access that authentic users experience. Many view 2FA’s extra log-in step as an inconvenience ranging from minor to major. However, most of us understand that security is worth the extra effort. And, after a few weeks, the added step simply becomes a matter of habit and routine.

Who’s Using 2FA?

Businesses are not the only ones looking to 2FA to limit access to authenticated users. Google, Instagram, Facebook and many other sites offer 2FA to make it harder for unauthorized users to gain access to accounts. For now, it is an optional feature that a user can activate.

Modern cloud providers require 2FA; it is not an option. Simply stated, the vast majority of information stored in the cloud – business records, banking information, personal financial information, business correspondence and much more – is just too vital to be protected by a username/password combination alone.

And, geolocation is coming into play more and more. Use of a “new” device in a different location utilizing another browser at an unusual time of day is enough to warrant an email alert, if not a complete blocking of access.

What’s Next?

The resourcefulness of cyber attackers seems to know no bounds. That is why cybersecurity countermeasures seek to be more sophisticated – and stay a step ahead of hackers. In some environments, especially where the nature of the information dictates a higher level of security, they’ve already moved to three-factor authentication. And, there are efforts underway to incorporate facial recognition as well as continuous authentication factors that rely on a user’s personal behavior, for example, typing speed or mouse use, to establish identity on a continuous basis, not just at log in.

We recognize your company’s data is you lifeline, so data security is important to us. We are working daily to assure more secure and reliable access to the client data in our cloud.

How CPAs Can Mitigate Cybersecurity Risk During The Extended Tax Season

Tax season is the busiest time of year for CPA firms. Unfortunately, it’s also a busy time for hackers looking to target CPAs during this frenzied..
April 20,2021

Cetrom Support fixed all of my problems, their engineers are very professional, courteous, friendly and very efficient. If all customer service out there was like this, it would be a better world...

- Mid-sized
View All

One of the things we appreciate wholeheartedly about working with Cetrom is how great the people in the service area are and the high-level of responsiveness we have received. I’ve been very pleased..

- Mid-sized
View All

Cetrom’s services and support really stood out against the other cloud vendors. We thought their Citrix delivery platform would have a higher level of adoption because our employees would have the..

- Mid-sized
View All

Our accounting services users working in the field have greatly benefited from our migration to the cloud. They’re now able to be much more efficient while working in a client’s office because they..

- Mid-sized
View All

The decision to migrate to the cloud was one of the best business decisions Rub & Brillhart has made. It required an investment, but we have determined that our year two IT costs will be reduced by..

- Midwest
View All

Our migration process with Cetrom was very smooth and we had an excellent experience with their support during the demo process. We have 24/7 monitoring on our onsite equipment and they have the..

- Small
View All

We are extremely happy with the service and support we receive from Cetrom. Our staff is more efficient overall in our day-to-day activities and we don’t have any downtime. It’s a good feeling..

- Mid-sized
View All

Cetrom is an extremely cost-effective option for IT services. Not only do we receive significantly improved customer service, but we were also able to add a new VoIP system, better internet service,..

- Mid-sized
View All

Because we use specialized software for CPAs, we were concerned about the migration process. Cetrom’s CEO reassured us that there’s no concern because they understand how the software operates in the..

- Mid-sized
View All

We use two programs that often posed a challenge for our previous IT providers. Cetrom handled the situation professionally, coordinated with the software vendors, did all the backend testing, and..

- Mid-sized
View All

After interviewing and reviewing the proposals from various IT providers, it was really a night and day comparison about price, service, and performance—Cetrom was just outshining the others on every..

- Mid-sized
View All

I just want to drop you a line and let you know how pleased we are with our move to Cetrom. Your people knocked it out of the park for us and are doing a great job getting us up and working. On our..

- Small-sized
View All

Because we use specialized software for CPAs, we were concerned about the migration process. Cetrom’s CEO reassured us that there’s no concern because they understand how the software operates in the..

- 97%
View All

Cetrom’s Cloud Computing offers a high-quality, reliable and secure alternative to traditional IT management and provides immediate access to all my IT resources whether I’m in the office, at home or..

- High-quality,
View All

blog Archives

See all

How CPAs Can Mitigate Cybersecurity Risk During The Extended Tax Season

Tax season is the busiest time of year for CPA firms. Unfortunately, it’s also a busy time for hackers looking to target CPAs during this frenzied..
April 20,2021

Cetrom Support fixed all of my problems, their engineers are very professional, courteous, friendly and very efficient. If all customer service out there was like...

- Mid-sized
View All

Blog Archives

See all
Is Cetrom Your Cloud Services Solution?