Thursday, 29 October 2020 15:39

Beyond the password: why MFA is vital for IT security

By Ashley Diffey, Ping Identity
Ashley Diffey, Ping Identity Ashley Diffey, Ping Identity

GUEST OPINION by Ashley Diffey, Ping Identity Country Manager Australia, New Zealand and Japan: Since the early days of the information technology revolution, the task of ensuring effective digital security has relied on the humble password. Used to confirm an individual’s identity, they’ve acted as the keys to vital systems and data stores.

Unfortunately, however, passwords don’t provide the level of protection required in today’s online, interconnected world. Once stolen or guessed, they can be used by criminals to log in to applications and business systems, bypass other access controls, and wreak serious havoc.

There are also a concerning variety of attack vectors hackers can use to steal passwords or gain access. These include phishing attacks, brute-force attacks, web app attacks, point-of-sale intrusions, and even stolen hardware.

For this reason, it’s important that organisations move beyond passwords and embrace a different method of authenticating users. One of the most effective is multi-factor authentication (MFA).

The mechanics of MFA

MFA is used to ensure that digital users are who they say they are by requiring that they provide at least two pieces of evidence to prove their identity. Each piece must come from a different category:

Something you know: The most common example in this category is a password, but it could also be a PIN, a passphrase, or the answer to a question. It needs to be something known only to the individual being identified.

Something you have: The second category comprises items an individual is likely to have with them when trying to gain access to IT systems. Examples can include mobile phones, physical tokens, key fobs, and smartcards.

Something you are: This factor is often verified by a fingerprint scan on a mobile phone, but also includes anything that would be a unique identifier of your physical person. This could include a retinal scan, voice or facial recognition, or any other type of biometrics.
If one of the factors used been compromised by a hacker, the chances of another factor also being compromised are low. This, therefore, provides much stronger security than just a password alone.

MFA and mobility

As well as providing improved security for centralised IT systems and devices, MFA is also an effective way to enable enterprise mobility – something that is high on the priority list for any organisation undergoing a digital transformation strategy.

Studies show that productivity is increased when employees can use their preferred devices to easily and securely access all of the resources they need without being tied to a central office.

By using MFA to log via a VPN, they are able to have the flexibility and on-demand access that they require, while organisations can ensure their infrastructure remains protected.

MFA and customers

While usage of MFA tends to focus on an organisation’s staff, many are also extending its usage to customers. Organisations are encouraging customer use of MFA by explaining how it can not only enhance account security without significantly impacting their sign-on experience, but also make their other interactions more streamlined.

Some organisations are even opting to make an MFA capability available through their own customer-facing mobile applications. This makes it more appealing to use as customers don’t have to download and install a separate app on their chosen device.

Some may not feel the need to require customers to use MFA in all cases. For example, they might choose to bypass MFA in low-risk scenarios, while requiring stronger security in high-risk situations.

For example, a bank may allow a customer to log into their account online with just a password but then require a second authentication factor before any transactions can be completed. A retailer may allow access to their website but require stronger authentication before a purchase can be made or account details viewed.

Overall, an effective MFA strategy will balance the risks of compromised credentials against the impact on customer engagement. Any system needs to be easy to use and not become a barrier to interactions.

It’s clear that passwords can no longer provide the levels of security needed to protect IT systems and data. By embracing MFA, organisations can ensure they have vastly improved security for their infrastructure, staff and customers. Consider whether MFA is right for you.

Subscribe to ITWIRE UPDATE Newsletter here

Now’s the Time for 400G Migration

The optical fibre community is anxiously awaiting the benefits that 400G capacity per wavelength will bring to existing and future fibre optic networks.

Nearly every business wants to leverage the latest in digital offerings to remain competitive in their respective markets and to provide support for fast and ever-increasing demands for data capacity. 400G is the answer.

Initial challenges are associated with supporting such project and upgrades to fulfil the promise of higher-capacity transport.

The foundation of optical networking infrastructure includes coherent optical transceivers and digital signal processing (DSP), mux/demux, ROADM, and optical amplifiers, all of which must be able to support 400G capacity.

With today’s proprietary power-hungry and high cost transceivers and DSP, how is migration to 400G networks going to be a viable option?

PacketLight's next-generation standardised solutions may be the answer. Click below to read the full article.


WEBINAR PROMOTION ON ITWIRE: It's all about webinars

These days our customers Advertising & Marketing campaigns are mainly focussed on webinars.

If you wish to promote a Webinar we recommend at least a 2 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial.

This coupled with the new capabilities 5G brings opens up huge opportunities for both network operators and enterprise organisations.

We have a Webinar Business Booster Pack and other supportive programs.

We look forward to discussing your campaign goals with you.


Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News