Published on August 2nd, 2016 | by Emergent Enterprise0
Why you Need a Strong Authentication Program
E-E says: How do you securely recognize your user and your device? Here is a quick aerial view on the importance of authentication. Two-factor or multi-factor authentication could be a powerful weapon in your efforts to ward off breaches. You need policies and procedures in place regarding security as well. Also, you will find a link to this year’s Internet Security Threat Report from Symantec. Tell us how you use authentication in the comments below.
As the security landscape is changing, so are the business challenges that organizations are facing. With data breaches and information theft on the rise, it’s becoming even more crucial to protect your data from unwanted third parties. According to Symantec’s annual Internet Security Threat Report, up to 80 percent of breaches could be eliminated with strong authentication.
With strong authentication, you can work securely across devices and locations, reduce IT burden and control costs, and secure consumer access to your data. Symantec’s Information Protection Team offers tips for addressing common business challenges when it comes to protecting your company data.
First things first, you have to control the access to your organization’s data. While ideally all members of your organization are safe to have access to whatever data they like, you never know when the supposed employee accessing your network isn’t actually who they say they are. Two-factor authentication, or multi-factor authentication adds an extra layer of security beyond simple passwords. Additionally, access levels need to have the ability to change over time – today’s partner could be tomorrow’s competitor. Access management tools allow strict control over who is accessing your network and is the first and most important step toward a secure network.
BYOD and IoT
Mobility has drastically changed the way we do business, from adopting BYOD to embracing IoT. Embedded digital certificates are top priority in IoT devices, but the industry lacks stringent security measures and regulations that require certificates, which makes devices particularly susceptible to threats. With all of these devices potentially trying to access your network, it’s more crucial than ever to have a policy in place to manage and control what employees can access from each device, and addresses app security.
Moving to the cloud
As more apps and data move to the cloud, it’s difficult to know when your sensitive information could be accessed by an unintended third party. While cloud systems are not inherently less secure than on-premise storage, it’s important that the cloud services your organization uses are properly configured and all data is adequately protected. Two-factor authentication helps ensure access to your cloud systems is controlled, along with data loss prevention and encryption policies that ensure data isn’t lost or compromised in case of an intrusion.
Getting ahead of breaches
Data breaches and attacks are on the rise. According to Symantec’s annual Internet Security Threat Report, large businesses that are targeted for a cyberattack will on average be targeted three more times within the year. According to the report, two-factor authentication alone could prevent 80 percent of breaches. Your organization should proactively prepare an incident response plan for when (not if) you are breached, and increase the visibility of intrusion. Web-based administration consoles unify monitoring of all threats attacking an IT environment and increase response rates, sometimes mitigating an attack altogether.
Weak passwords greatly increase the risk of security breaches. It’s common knowledge that passwords should be at least eight to 10 characters long, include a mixture of letters and numbers, and be changed at least every 90 days. It can cause frustration to enforce these guidelines, especially as one of the most important factors is not reusing passwords across multiple websites or devices. Adding two-factor authentication, especially biometric or risk-based intelligent authentications, is a good way to minimize frustration while maximizing the level of security your network has.
Meeting compliance regulations
Your organization is likely required to follow compliance rules set by your industry and government regulations. In some cases, failure to comply with these requirements can lead to loss of the right to operate. When implementing security protocols, double check that you are meeting the appropriate levels of authentication.