Don’t Build a Truck Factory if You Just Need a Truck
IT operations managers around the world know they ought to roll out multi-factor authentication (MFA) to secure their Citrix NetScaler remote access, and like everyone else, they are looking for the best possible solution to fix their problem. But many fear the process of adding this type of technology. Why? Because the traditional hardware token providers have created the impression that securing your business with strong user authentication is a huge undertaking that requires creating complicated databases and specialist consultants and involves high costs and many IT resources. Furthermore the many different vendors of strong authentication have their own and different agendas that makes the choice hard – what to pick?
Don’t Build a Truck Factory if You Just Need a Truck
We all know the story of Little Red Riding Hood. A girl walks through the woods to visit her grandmother. The Big Bad Wolf tricks her into revealing Granny’s address. Wolf goes to Granny’s house and gains entry by pretending to be Little Red. The Wolf eats Granny, then he polishes off Little Red. At the end of the day, both are saved by a kind-hearted, axe-wielding woodsman. The moral of the story? Be careful you’re not accidentally letting in a wolf.
Your Salesforce CRM stores the data for all of your customers, your potential customers and your pipeline. Can you imagine if this information fell into the wrong hands? Or even worse, if it was destroyed?
Many customers think that if they have data in the cloud, Salesforce is taking care of security and their data is protected. But if last year’s high number of breaches taught us anything, it’s that hackers not only find creative new ways to break through security but also still rely on tried-and-true methods like stolen or guessed passwords. The bottom line is that passwords alone are no longer enough to authenticate users accessing your CRM.
Email usually contains the most confidential information that an organization has – board minutes, customer information, and so on. Once a hacker is able to access someone’s email, he or she can access all types of sensitive information.
In a world where 76 percent of all network breaches involve weak or stolen passwords, it’s clear that passwords are not strong enough to secure anything. Email in particular has become both a prize in itself and a means of entrée into a target organization’s network.
The widespread use of remote access to conduct business has increased the number of entry points for cyber criminals by an order of magnitude. Most people don’t realize, for instance, that ActiveSync-enabled mobile devices create a security vulnerability that can grant easy access to your email. All a hacker needs is an email address and a password.
During the last couple of years there has been a tendency towards the usage of Apps on smartphones for user authentication, as many perceive them to be friendly and useful.
In a world of rising security concerns and hackers constantly developing new ways of breaching companies, one could argue that smartphone Apps pose major security concerns, and should not be used for user authentication.
The last time a hardware token was cutting edge technology, you had a mobile phone the size of a shoebox.
You could rock out at a "Europe" concert listening to their super hit “Final Countdown” (which, by the way, might have been a hidden message about hardware tokens) while having peace of mind by knowing your data was being protected by the latest security the ‘80s had to offer.
Just because it’s 2015 doesn’t automatically mean that a technology is obsolete, right? If you believe that, I have a fax machine I’d like to sell you.
It is widely accepted nowadays that a company’s people are its most important asset. It follows, then, that how productive those people are has a significant impact on the business’s ability to execute on day-to-day operations and achieve short- and long-term goals.
Multi-factor authentication is most often thought of in terms of organizational security, and rightly so. Concerns about cyber threats are the reason companies adopt an authentication strategy. But have you ever considered the effect such a strategy can have on employee productivity?
Hardware tokens were once the gold standard in user authentication, but they have met with resistance all along. Many IT admins have reported that their users never really adopted the hard tokens. They are cumbersome to use and, being physical objects, employees have to carry around something extra. This approach is bound to fail, as employees will forget their hardware token from time to time or misplace it and need to have a new one sent to them. Excuses like “My dog ate my hardware token” might be funny at first, but the avalanche of calls to your IT department from frustrated employees who cannot log in will quickly become a pain for both IT and the other employees.
Trends such as BYOD and the widespread use of cloud services have expanded the threat landscape and put a strain on IT security. For instance, Gartner predicts that by 2016, eight percent of companies expect to stop providing devices to workers, and more than 30 percent of BYOD strategies will leverage personal applications, data and social connections for enterprise purposes.
Navigating the market for multi-factor authentication in search of the right solution can be tricky. This is especially true for companies looking to implement multi-factor authentication for the first time, but also for companies that already have a solution in place but are thinking about migrating to a more secure and convenient solution. At some point in your search you will likely encounter them: the hardware tokens. These first-generation two-factor authentication solutions come in many shapes and colors, but they all have four things in common: