Passwords are dead, or at least they should be. Constant hacking and leaking of usernames and passwords leaves little doubt that companies can't be trusted to protect user data, and personally owned devices like PCs and smartphones have never been reliably secure.
In short, there's no reason to assume that your password isn't going to be intercepted, hacked, or brute-forced.
Businesses large and small need to provide their employees and users with an extra layer of security, especially with so much work being done remotely in the modern era. Users of Facebook, Google, Amazon, and other large online companies are familiar with the most common way security is improved: Multifactor authentication, or MFA. There's no reason you can't add this extra layer of security to your business as well.
MFA adds a second security requirement on top of a password, generally a randomly generated numeric code. These codes are single use, only allow access for a short period of time, and can be sent via SMS, email, or through a hardware token.
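The two properties described above, single use and a short lifetime, are enforced on the server that checks the code. The sketch below is an added example, not code from this article or from any of the vendors it covers; the class name, six-digit length, five-minute lifetime, and five-guess limit are all assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets
import time

CODE_DIGITS = 6     # assumed code length
CODE_TTL = 300      # assumed lifetime in seconds
MAX_ATTEMPTS = 5    # assumed number of guesses allowed per issued code


class OtpStore:
    """In-memory store of pending one-time codes, keyed by user (illustrative)."""

    def __init__(self, clock=time.time):
        self._clock = clock      # injectable so expiry can be tested
        self._pending = {}       # user -> [salt, digest, expires_at, attempts_left]

    @staticmethod
    def _digest(salt, code):
        # Keeps the plaintext code out of the store; the short lifetime and
        # attempt limit are what actually stop guessing of a 6-digit value.
        return hashlib.sha256(salt + code.encode()).digest()

    def issue(self, user):
        """Create a fresh code for user, invalidating any earlier one."""
        code = f"{secrets.randbelow(10 ** CODE_DIGITS):0{CODE_DIGITS}d}"
        salt = secrets.token_bytes(16)
        self._pending[user] = [salt, self._digest(salt, code),
                               self._clock() + CODE_TTL, MAX_ATTEMPTS]
        return code  # hand this to the SMS or email delivery channel

    def verify(self, user, submitted):
        """Return True exactly once, for the right code inside its lifetime."""
        entry = self._pending.get(user)
        if entry is None:
            return False
        salt, digest, expires_at, attempts_left = entry
        if self._clock() >= expires_at or attempts_left <= 0:
            del self._pending[user]      # expired or out of guesses
            return False
        entry[3] = attempts_left - 1     # count the guess before comparing
        if hmac.compare_digest(digest, self._digest(salt, submitted)):
            del self._pending[user]      # single use: burn the code on success
            return True
        return False
```

A production deployment would keep this state in a shared store rather than process memory and would rate-limit `issue` as well as `verify`.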
SMS is the most commonly used method and is easy to incorporate into existing infrastructures. Here are five products that you can add in with just a few lines of code. None of them are cheap, but they are when you consider the cost of the alternative.
In addition, it features a self-service portal for users, API access, and an SDK so that it can be integrated into a variety of platforms and systems.
SecureAuth's IdP offers "six layers of defense" to provide security greater than SMS verification alone. It analyzes the IP address of the login request, the geographic location, and the device itself; stores IDs to check for fake profiles; and looks at behavioral biometrics and the "geo velocity" of access requests, meaning requests from locations that are simply too far apart to be from a single source.
Twilio's MFA offering, Authy, has a mobile app for iOS and Android, can send SMS or voice messages, and will even provide transaction authorization: a yes/no response that confirms a user is actually the one signing in when their credentials are used.
Authy says that its API is so basic that it can be added to web and mobile apps with fewer than 10 lines of code. If that's true, it might be the simplest choice available.
MFA through Microsoft Azure is perfect for businesses heavily invested in the Microsoft ecosystem. It can be deployed locally or through the cloud, is already baked into a variety of SaaS platforms, and is even priced per use for smaller offices.
If you're opting for Azure instead of AWS cloud services, there's no reason not to choose the Microsoft route.
Quest Software, now owned by Dell, offers an MFA solution called Defender. It is designed to integrate with Active Directory, so there won't be any need to duplicate or replace a user database, saving time and money.
Defender offers hardware tokens along with iOS and Android apps, giving administrators the choice of how users authenticate. It also offers service for Unix and Linux systems in the form of a pluggable authentication module, so MFA can cover those systems as well.
Brandon Vigliarolo has nothing to disclose. He does not hold investments in the technology companies he covers.
Brandon writes about apps and software for TechRepublic. He's an award-winning feature writer who previously worked as an IT professional and served as an MP in the US Army.