Shortcut towards a secure site

06-05-2015

Criminal activities and hacks are increasing on the internet, and companies have to increase the levels of security in routines and habits when it comes to passwords and online behavior.

Most of us know the dangers of this, but it seems we are not able to improve in this area.

Phishing attacks trick people daily into revealing their passwords, and users on unsecured networks can have their passwords sniffed. Malicious spyware can capture passwords and send them over the network to attackers. Identity theft is one of the fastest growing white-collar crimes in the world.

Going after user details is still easier than hacking the actual perimeters This is by far the preferred method of breaking and entering. Verizon (backed by all other major companies in this field) states in its latest study that stolen credentials are used in over 50% of attacks or hacks on websites.

Source: Verizon Data Breach Investigation Report 2015

The same study shows that in the financial services market, over 95% of the incidents follow the process: Phish customer -> get credentials -> abuse web application -> empty account

Facts:

  • Easy passwords can be cracked – and we use them all the time;
  • Sharing of passwords make it impossible to know who did what;
  • Same accounts and passwords are used at multiple places;
  • Passwords that need to be continuously changed are not user-friendly enough – so we don’t bother;
  • Hackers are using user names and passwords to steal data;
  • Random passwords cannot be remembered.

What is the recommendation?

Security experts worldwide suggest the usage of a strong, two-factor authentication to protect organizations assets. The same is also recommended by various compliances/certifications like PCI-DSS, HIPAA, SAS 70, ISO 27001 and others.

The strongest and closest to fool-proof safety against identity theft is Two Factor Authentication. And, it is also one of the remedies that could be labelled low-hanging in terms of return on investment.

The table shows the means (functions) one can implement to secure the service (critical security controls), and in percentage how much this can contribute towards an optimal solution security-wise (100%). We see that patching web services also rate as a highly effective means to a secure solution.

Source: Verizon Data Breach Investigation Report 2015

The two main benefits of Two Factor Authentication are that you get protected access to your solution and know who has accessed it and you also protect your end customers or members by offering Two Factor Authentication to them.

Why Multi Factor Authentication (MFA) from Basefarm

  • Fast implementation - we set it up for you so you will be up-and-running very fast with little effort;
  • Save time - we can manage and administrate your solution for you;
  • Cost effective - as a service OPEX only;
  • Stable and secure solution - with SLA from Basefarm.

Read more about our Multi Factor Authentication solutions.