The promises of productivity in the cloud continue to ring true. Access to your data from anywhere, at any time, with the ability to collaborate in real-time, is truly revolutionary and is providing a competitive advantage for organizations in every industry. However, access from anywhere means that without sufficient protections, the wrong people can gain access to your data by easily hacking usernames and passwords.
So, how can companies ensure their user credentials aren’t compromised?
The short answer is, they can’t. The vast amount of stolen records and ever-evolving hacking tools makes it impossible to be assured of protection with only a username and password standing in the way of a data breach. However, with multi-factor authentication (MFA), your risk of compromised usernames and passwords is significantly reduced. This added layer of defense will ensure that the hackers are stopped in their tracks right then and there because they won’t be able to prove their identity.
Data Breach Commonalities
Recent breaches in the news have had a common theme: they did not enable MFA and they practiced poor password hygiene. This applies equally to your personal life and work. With a (relatively simple) process of brute-force attacks to gain credentials, hackers are able to obtain personal identifiable information (PII) and exposing businesses and individuals to incredible risk.
Once they obtain the data, it is sold on the black market and then reused for nefarious purposes, often in the form of compromising a high-value target. Criminals can even automate this process with inexpensive and widely available tools – in some cases, these despicable software developers offer technical support!
What can individuals and organizations do?
- Use unique and complex passwords for each and every account and change them often.
- For an individual or small business, use a password manager to make this easier and more secure, and require MFA to access the password manager.
- For businesses of any size, implement enterprise-grade Multi-Factor Authentication along with Single Sign-On (SSO) within other business applications in the cloud. Your business will have choices about how sophisticated the MFA solution is, based on your organizational risks.
The applications are getting better and easier to use - in fact, you no longer need to carry an authentication token/FOB on your key chain. It's now an easy-to-use application on your smartphone that can be configured to only ask for MFA when needed, such as when a new device asks for access.
Single Sign-On (SSO) can be implemented to keep most or all passwords joined together in a single login. Productivity doesn’t need to be lost and organizational data can be as safe (or safer) in the cloud as opposed to a traditional network. That being said, the proper security measures must be put in place. The promise of the cloud is exponential, but good security practices must keep pace with the technology.
As data breaches become more common and tactics sophisticated, it's time to protect your organization with the next step in security measures. Take that step by clicking here, or on the button below.
Kevin Beling is an Account Manager at Systems Engineering, focusing on ensuring valuable and long-term client relationships by helping organizations to meet and exceed their business goals. Kevin has been with the company since 2015.