Cetrom Blog - Industry insight from leading cloud provider

Are you who you say you are?

Written by Emily Raines | October 30, 2017

Controlling access to information is the key objective of computer security measures. A fundamental aspect of that security is determining whether users are who they say they are when they attempt to log in to accounts.

Blue Cross Blue Shield/Anthem, Equifax, Verizon, the U.S. Securities and Exchange Commission, Deloitte and Whole Foods Market are examples of data breaches that have occurred since June 2017 alone. The importance of closing weaknesses in software and limiting access to authenticated users cannot be overemphasized. Hackers will not stop their efforts, so we must step up ours.

Authenticating Users

Attempts to authenticate identity began with one-factor authentication. In this scheme, users must correctly provide their username and the password associated with that username. Sadly, experience has proven that our passwords simply aren’t strong enough – or even mildly original.

A Huffington Post article published a “list of shame” of 2016 passwords. It seems a lot of us rely on the same simple, easy-to-remember character strings such as “123456,” “Password” and “qwerty.” Even when we try to be more creative, inexpensive password-busting technology can easily crack conventional passwords. Or we defeat the measures ourselves with sticky-note memory aids that display our credentials on the computer monitor or under the keyboard.

The Rise of 2FA

Against this backdrop, two-factor authentication (2FA) is gaining popularity. Sometimes known as two-step verification, it is a higher level of security that requires users to provide an additional credential beyond the username/password combination to access an account. Generally speaking, this third means of identification can take several forms:

  1. A piece of knowledge such as a PIN.
  2. A tangible item like a phone or fob.
  3. A personal biometric feature such as a matching fingerprint or voice pattern.

The addition of a third element adds another layer to security and, in so doing, eliminates many potential hackers from the mix. In fact, each successive security layer makes it harder for hackers to penetrate, much like the layered defenses that fortresses of old employed.

However, making accounts harder to hack also makes access less easy for authentic users. Many view 2FA’s extra log-in step as an inconvenience ranging from minor to major. Still, most of us understand that security is worth the extra effort, and after a few weeks the added step simply becomes a matter of habit and routine.

Who’s Using 2FA?

Businesses are not the only ones looking to 2FA to limit access to authenticated users. Google, Instagram, Facebook and many other sites offer 2FA to make it harder for unauthorized users to gain access to accounts. For now, it is an optional feature that a user can activate.

Modern cloud providers require 2FA; it is not an option. Simply stated, the vast majority of information stored in the cloud – business records, banking information, personal financial information, business correspondence and much more – is just too vital to be protected by a username/password combination alone.

And, geolocation is coming into play more and more. Use of a “new” device in a different location utilizing another browser at an unusual time of day is enough to warrant an email alert, if not a complete blocking of access.
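The kind of check described above, sketched as an added example (not Cetrom's or any provider's code); the signal names, thresholds and sample logins are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Thresholds and field names are assumptions for this example.
ALERT_AT = 2      # this many unusual signals: allow, but email the account owner
BLOCK_AT = 4      # all four signals unusual: refuse the login
HOUR_SLACK = 2    # hours of tolerance around previously seen login times

@dataclass
class Profile:
    """Attributes seen on one user's earlier successful logins."""
    devices: set = field(default_factory=set)
    countries: set = field(default_factory=set)
    browsers: set = field(default_factory=set)
    hours: set = field(default_factory=set)  # local hour of day, 0-23

def hour_is_unusual(seen_hours, hour):
    """True if hour is more than HOUR_SLACK from every seen hour (wraps at midnight)."""
    return all(min(abs(hour - h), 24 - abs(hour - h)) > HOUR_SLACK for h in seen_hours)

def unusual_signals(profile, login):
    """Names of the login attributes that do not match the user's history."""
    checks = {
        "device": login["device_id"] not in profile.devices,
        "location": login["country"] not in profile.countries,
        "browser": login["browser"] not in profile.browsers,
        "time_of_day": hour_is_unusual(profile.hours, login["hour"]),
    }
    return sorted(name for name, odd in checks.items() if odd)

def decide(profile, login):
    """Return (action, signals) where action is 'allow', 'alert' or 'block'."""
    if not profile.devices:
        # No history yet (first login): nothing to compare, so alert rather than block.
        return "alert", ["no_history"]
    signals = unusual_signals(profile, login)
    if len(signals) >= BLOCK_AT:
        return "block", signals
    if len(signals) >= ALERT_AT:
        return "alert", signals
    return "allow", signals

# Constructed sample data, not taken from any real system.
HISTORY = Profile({"laptop-01"}, {"US"}, {"Firefox"}, {8, 9, 17})
USUAL = {"device_id": "laptop-01", "country": "US", "browser": "Firefox", "hour": 10}
TRAVEL = {"device_id": "phone-07", "country": "US", "browser": "Safari", "hour": 18}
ODD = {"device_id": "pc-99", "country": "FR", "browser": "Chrome", "hour": 3}
```

Calling `decide(HISTORY, ODD)` returns the block decision together with the four signals that triggered it, which is what an alert email or audit log entry would carry.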

What’s Next?

The resourcefulness of cyber attackers seems to know no bounds. That is why cybersecurity countermeasures seek to be more sophisticated – and stay a step ahead of hackers. Some environments, especially where the nature of the information dictates a higher level of security, have already moved to three-factor authentication. There are also efforts underway to incorporate facial recognition as well as continuous authentication factors that rely on a user’s personal behavior, for example, typing speed or mouse use, to establish identity on a continuous basis, not just at login.

We recognize your company’s data is your lifeline, so data security is important to us. We are working daily to assure more secure and reliable access to the client data in our cloud.