How To Reduce Identity Theft with Multi-factor Authentication

How secure is your identity? Can you say with certainty that your passwords cannot be hacked?

Admittedly, this is a hard question to answer. Nothing is ever certain, but what we can do is apply our best efforts. Your identity (who you are, what you do, what you access) is typically secured behind a password, whether you are accessing cloud services such as Office 365 or Google or a service within your organization linked to Active Directory. Managing that password therefore deserves as much thought as using it. With so many systems in the cloud, it becomes much easier for unscrupulous characters to try to brute force their way into your credentials.

On average, a user has 20 credentials. That's 20 different passwords to access different systems internally and/or externally, which is a lot of privileged access to business systems and sensitive data. If an unauthorized individual got hold of one or all of those credentials, it would cause a massive security breach. Securing the management of your password, whether you are changing or resetting it, is therefore as important as using secure, hard-to-crack passwords.

On average, users have 20 credentials. That's 20 different passwords to access different systems internally and/or externally, and that is a lot of privileged access!

Password Policies

Education is key: basic security principles and high-entropy passwords are vital for users and the business.

Now that a user's password is secured, we should think about how we're securing the management of passwords. A lot of business systems now run in the cloud, opening them up to a whole gamut of individuals willing to run simple brute force attacks against your credentials. Yes, we can have a lockout policy, but we can be more proactive by offering multifactor or two-factor authentication to users when they manage, change or reset their passwords.

Password Self-Service with Multifactor Authentication

What is Multifactor?

Typically, when you try to log in to a portal to change or reset your password, say a password self-service portal, the process sends a one-off, time-limited code to a device that it knows belongs to you (typically a mobile phone) and requires that code to be entered before moving forward.
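
The server side of that flow, as an added example (not code from the original post or from any product it mentions): the portal issues a random code, accepts it once, and rejects it after it expires or after too many wrong guesses. The class name, the 6-digit length, the 5-minute lifetime and the 5-attempt limit are assumptions, and delivery to the user's device is left to the caller.

```python
import hmac
import secrets
import time

CODE_TTL = 300     # seconds a code stays valid (assumed value)
MAX_ATTEMPTS = 5   # wrong guesses allowed before the code is burned (assumed)


class ResetCodeStore:
    """Pending password-reset codes, held in memory and keyed by username."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._pending = {}  # user -> [code, expires_at, attempts_left]

    def issue(self, user):
        """Create a fresh 6-digit code, replacing any earlier one for the user.
        The caller sends the returned code to the user's registered device."""
        code = f"{secrets.randbelow(10**6):06d}"  # CSPRNG, not random.random()
        self._pending[user] = [code, self._clock() + CODE_TTL, MAX_ATTEMPTS]
        return code

    def verify(self, user, submitted):
        """Return True at most once per issued code; fail closed otherwise."""
        entry = self._pending.get(user)
        if entry is None:
            return False
        code, expires_at, _ = entry
        if self._clock() >= expires_at:
            del self._pending[user]          # time-limited: expired codes die
            return False
        entry[2] -= 1                        # count the attempt before comparing
        ok = hmac.compare_digest(code.encode(), submitted.encode())
        if ok or entry[2] == 0:
            del self._pending[user]          # one-off, or burned after too many misses
        return ok


if __name__ == "__main__":
    store = ResetCodeStore()
    code = store.issue("alice")              # constructed sample user
    print(store.verify("alice", "not-it"))   # False, one attempt used
    print(store.verify("alice", code))       # True, code consumed
    print(store.verify("alice", code))       # False, cannot be replayed
```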

Benefits of Multifactor Authentication

Strengthens Security

Supporting Compliance

The Health Insurance Portability and Accountability Act (HIPAA) does not specifically require multifactor authentication, but numerous provisions within the Security Rule subparts encourage a strong authentication process. Even if standards and policies do not explicitly state that multi-factor or two-factor authentication is required, it may still be the best step.

Simplifying Login Process

This scenario makes multifactor implementation practical by reducing login fatigue, which sets in when users get tired of logging into different accounts. On its own, multifactor authentication would typically only add more stress for users, but combined with other benefits such as single sign-on, a single multifactor authentication instance covers secure login to all the apps a user needs.

Multifactor Authentication is Essential

Originally written and posted on LogonBox.com