In a world where evil lurks at every connection point, one sometimes has to think and act differently! I predict that in a near future, the way we think and act in the authentication space will change.
You’re back in the office after a well deserved break, staring at your screen trying to remember your password. You have failed the first two attempts and now have just one attempt left before your account gets locked. What to do?
Don’t Build a Truck Factory if You Just Need a Truck
IT operations managers around the world know they ought to roll out multi-factor authentication (MFA) to secure their Citrix NetScaler remote access, and like everyone else, they are looking for the best possible solution to fix their problem. But many fear the process of adding this type of technology. Why? Because the traditional hardware token providers have created the impression that securing your business with strong user authentication is a huge undertaking that requires creating complicated databases and specialist consultants and involves high costs and many IT resources. Furthermore the many different vendors of strong authentication have their own and different agendas that makes the choice hard – what to pick?
We all know the story of Little Red Riding Hood. A girl walks through the woods to visit her grandmother. The Big Bad Wolf tricks her into revealing Granny’s address. Wolf goes to Granny’s house and gains entry by pretending to be Little Red. The Wolf eats Granny, then he polishes off Little Red. At the end of the day, both are saved by a kind-hearted, axe-wielding woodsman. The moral of the story? Be careful you’re not accidentally letting in a wolf.
Your Salesforce CRM stores the data for all of your customers, your potential customers and your pipeline. Can you imagine if this information fell into the wrong hands? Or even worse, if it was destroyed?
Many customers think that if they have data in the cloud, Salesforce is taking care of security and their data is protected. But if last year’s high number of breaches taught us anything, it’s that hackers not only find creative new ways to break through security but also still rely on tried-and-true methods like stolen or guessed passwords. The bottom line is that passwords alone are no longer enough to authenticate users accessing your CRM.
Email usually contains the most confidential information that an organization has – board minutes, customer information, and so on. Once a hacker is able to access someone’s email, he or she can access all types of sensitive information.
In a world where 76 percent of all network breaches involve weak or stolen passwords, it’s clear that passwords are not strong enough to secure anything. Email in particular has become both a prize in itself and a means of entrée into a target organization’s network.
The widespread use of remote access to conduct business has increased the number of entry points for cyber criminals by an order of magnitude. Most people don’t realize, for instance, that ActiveSync-enabled mobile devices create a security vulnerability that can grant easy access to your email. All a hacker needs is an email address and a password.
During the last couple of years there has been a tendency towards the usage of Apps on smartphones for user authentication, as many perceive them to be friendly and useful.
In a world of rising security concerns and hackers constantly developing new ways of breaching companies, one could argue that smartphone Apps pose major security concerns, and should not be used for user authentication.
The last time a hardware token was cutting edge technology, you had a mobile phone the size of a shoebox.
You could rock out at a "Europe" concert listening to their super hit “Final Countdown” (which, by the way, might have been a hidden message about hardware tokens) while having peace of mind by knowing your data was being protected by the latest security the ‘80s had to offer.
Just because it’s 2015 doesn’t automatically mean that a technology is obsolete, right? If you believe that, I have a fax machine I’d like to sell you.
It is widely accepted nowadays that a company’s people are its most important asset. It follows, then, that how productive those people are has a significant impact on the business’s ability to execute on day-to-day operations and achieve short- and long-term goals.
Multi-factor authentication is most often thought of in terms of organizational security, and rightly so. Concerns about cyber threats are the reason companies adopt an authentication strategy. But have you ever considered the effect such a strategy can have on employee productivity?
Hardware tokens were once the gold standard in user authentication, but they have met with resistance all along. Many IT admins have reported that their users never really adopted the hard tokens. They are cumbersome to use and, being physical objects, employees have to carry around something extra. This approach is bound to fail, as employees will forget their hardware token from time to time or misplace it and need to have a new one sent to them. Excuses like “My dog ate my hardware token” might be funny at first, but the avalanche of calls to your IT department from frustrated employees who cannot log in will quickly become a pain for both IT and the other employees.