Multi-Factor Authentication: The Only Choice for Security

Oct 1, 2017

If you work with any important data (and isn’t it all important?), you should use multi-factor authentication. There’s something deeply concerning about accessing your company’s valuable files by typing “PASSWORD123”(and, FWIW, IT guys lose sleep when the CEO uses his birthdate as his laptop password). Multi-factor authentication helps ease everyone’s worries by requiring multiple steps and passwords. You’ve probably dealt with multi-factor authentication for personal information since most banks and insurance providers send a security code to your phone number or email address as part of your log-in routine.

If your laptop is stolen without multi-factor authentication, thieves can guess your password as many times as they want until they get it right. Heck, if you’re using a Windows touchscreen device or an Android phone, they might only have to guess the right screen-swipe pattern! In a world of portable devices, one factor just isn’t enough. Password complexity standards are incredibly low in most cases, and some don’t even require a minimum length. Honestly, if you’re lazy with your passwords, you’re asking for your data to be compromised.

Multi-factor authentication consists of knowledge factors (something you know), possession factors (something you have), and inherence factors (something you are). Knowledge factors are usually passwords or PIN numbers. These also include those annoying security questions such as “what is your birthday?” with answers easily discovered by a hacker in a matter of seconds. Possession factors are becoming increasingly popular with the rise of RSA tokens. IT guys are huge fans of these, thanks to their portability (software versions can be installed on your phone) and easy database management. Inherence factors are things like your fingerprint—the best example is Touch ID on your iPhone or iPad. The inherence option isn’t really applicable on a network, unless your company offers a standard device for each user. Some companies, however, are using fingerprint or retinal recognition to allow physical access to a facility as a way to protect the network.

By combining any of the factors above, you ensure your data safety. Chances are, even if someone steals one of the factors we listed, they won’t be able to get two of them. Security advisors also recommend keeping your devices separate so if someone steals your purse or laptop bag, your device can’t be accessed without the RSA token on your keychain or software token on your iPhone. Implementing multi-factor authentication does involve some up-front costs, but once they are set up, maintaining them is a fairly straightforward and low-cost process. IT providers should be able to provide pricing for multi-factor authentication. If not, contact Network Alliance. We’re more than happy to analyze and improve on your network security!