Every year around this time, NordPass, one of several password vault providers, releases the top 200 most common passwords of the year. When I checked the full list, I was pleased to see that none of mine were there – but was surprised to see words like “chocolate”, “princess” and “baseball”.
This is alarming for IT managers responsible for protecting the company network, because the top five passwords used in Canada:
- 123456 (17% globally!)
According to Verizon, 73% of passwords are “duplicates”. In other words, 73% of people re-use their passwords. Do you? If so, now might be a good time to make some changes.
With stats like that, it’s no surprise that 81% of data breaches involve stolen or weak credentials. It’s also no wonder that many online retailers and information brokers no longer accept passwords that contain consecutive numbers or qwerty!
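The kind of rejection rule described above can be sketched as a small screening function. This is an added example, not code from the original post or from any retailer; the blocklist is a constructed sample, and the four-character run threshold and all function names are assumptions.

```python
import string

# Constructed sample blocklist; a real deployment would load a full
# common-password list rather than these few entries.
COMMON = {"123456", "12345", "password", "chocolate", "princess", "baseball"}
KEYBOARD_ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm")
MIN_RUN = 4  # assumption: a run of 4 or more characters is rejected


def has_digit_run(pw, min_run=MIN_RUN):
    """True if pw has min_run ASCII digits counting up or down by one."""
    for step in (1, -1):
        run = 1
        for a, b in zip(pw, pw[1:]):
            both_digits = a in string.digits and b in string.digits
            if both_digits and ord(b) - ord(a) == step:
                run += 1
                if run >= min_run:
                    return True
            else:
                run = 1
    return False


def has_keyboard_run(pw, min_run=MIN_RUN):
    """True if pw contains min_run adjacent keys from one keyboard row."""
    lowered = pw.lower()
    for row in KEYBOARD_ROWS:
        for seq in (row, row[::-1]):  # left-to-right and right-to-left
            for i in range(len(seq) - min_run + 1):
                if seq[i:i + min_run] in lowered:
                    return True
    return False


def screen_password(pw):
    """Return the reasons to reject pw; an empty list means it passed."""
    reasons = []
    if pw.lower() in COMMON:
        reasons.append("common password")
    if has_digit_run(pw):
        reasons.append("consecutive numbers")
    if has_keyboard_run(pw):
        reasons.append("keyboard run")
    return reasons
```

Adding a symbol or a capital letter does not get a keyboard run past the check: `Qwerty!9` is still rejected.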
Despite news headlines routinely reporting about cybersecurity breaches leaving corporations, cities, hospitals and schools vulnerable – and employers routinely stressing the dangers of simple passwords being used on their networks – people prefer “easy”.
One good way to ensure you have a strong password is to use a password vault. For some reason, however, research shows that nearly 75% of Canadians think these vaults make them vulnerable to bad actors. And these are the same people who use “12345” as their password!! And yes, a significant percentage of Canadians use easy passwords.
Given that “easy password users” often log on to corporate networks, organisations are at risk.
Having to enter a password to access a device or network is also known as “Single Factor Authentication”. Unfortunately, single is no longer sufficient.
Multi-Factor Authentication (MFA) can help make you less vulnerable – and not just to password fallibility, though that is one of the biggest problems, as mentioned. You probably already know other ways that devices – and then ultimately networks – can be hacked, so I won’t cover them here.
Phishing is the biggest concern these days because 91% of phishing attacks aim to obtain credentials. For this reason, and to meet escalating insurance and compliance requirements (PIPEDA, ITSG-33, etc.), commercial authentication solutions are needed. Such solutions ensure that the person using the password has the right to do so. Usually, this requires re-authenticating using a separate device.
What is MFA – and what’s the difference between 2FA, MFA and Adaptive MFA (AMFA)?
To put it in the simplest of terms, Multi-Factor Authentication (MFA) is a type of authentication that requires two or more factors of authentication; Two-Factor Authentication (2FA) requires precisely two factors.
Combined with other security solutions, 2FA can be very effective. Cisco’s Duo is an excellent 2FA solution, as outlined in its Two Factor Authentication Evaluation Guide.
Although an excellent solution, there is limited flexibility with 2FA because only one additional layer of identity confirmation is required. Also, users can get annoyed with always having to authenticate via a second device. That being said, it is possible to set the system up so that your 2FA authentication is good for 30 days when using the same laptop and cell phone combination.
With Multi-Factor Authentication (MFA), access is granted to users based on a range of possibilities. Factors that get taken into account include whether the user is an employee or outside stakeholder, where the user is located (on premises or not – and where geographically), whitelisted versus blacklisted IP addresses, use of biometrics, log-in attempt limits, and your own policies and protocols.
Think of it this way: MFA adds more factors of authentication, making your security lock stronger with each layer that is added.
Adaptive MFA is like “smart MFA” – though MFA is pretty smart, in and of itself. The adaptive part comes in because the solution uses AI to determine whether or not the authentication process needs to be ramped up on a case-by-case basis. This is determined based on the device, the user and the context in which the individual is using the device in question. The advantage is that it cuts down on the number of times a valid user is required to re-authenticate – and can identify immediately when unusual patterns are occurring.
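The step-up decision can be pictured as a policy function over the factors listed above. This is an added example, not code from the original post or from any vendor; it uses fixed rules as a stand-in for the AI-driven scoring an adaptive product applies, and the address ranges, thresholds and names are constructed assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

# Constructed policy values using documentation address ranges.
ALLOWED_NETS = [ip_network("192.0.2.0/24")]    # assumed office egress range
BLOCKED_NETS = [ip_network("203.0.113.0/24")]  # assumed blacklisted range
MAX_FAILED_ATTEMPTS = 5                        # assumed log-in attempt limit
REMEMBER_DEVICE_DAYS = 30                      # the 30-day window mentioned above


@dataclass
class LoginContext:
    is_employee: bool          # employee or outside stakeholder
    source_ip: str
    country: str
    usual_countries: frozenset
    failed_attempts: int
    days_since_device_verified: Optional[int]  # None = device never seen


def decide(ctx):
    """Return 'deny', 'step_up' (ask for another factor) or 'allow'."""
    ip = ip_address(ctx.source_ip)
    if any(ip in net for net in BLOCKED_NETS):
        return "deny"
    if ctx.failed_attempts >= MAX_FAILED_ATTEMPTS:
        return "deny"
    known_device = (ctx.days_since_device_verified is not None
                    and ctx.days_since_device_verified <= REMEMBER_DEVICE_DAYS)
    on_allowed_net = any(ip in net for net in ALLOWED_NETS)
    risk_signals = [
        not ctx.is_employee,
        not known_device,
        ctx.country not in ctx.usual_countries,
        ctx.failed_attempts > 0 and not on_allowed_net,
    ]
    # Re-authentication is skipped only when every signal looks routine.
    return "step_up" if any(risk_signals) else "allow"
```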
Regardless of which route you go, there can be resistance from employees who do not want to have software tokens on their own devices. The easy fix is to provide your employees with corporate cell phones and laptops.
For organisations that require employees to use their own devices for budgetary or other reasons, this is a real concern. The frequent “go to” in these situations: Hardware tokens.
The problem is that hardware tokens can be more expensive, and have a limited lifespan (batteries die, fobs get lost, etc.) – and right now are almost impossible to get because of current supply-chain problems.
There are, however, many different solutions to fit your current security posture and policies. In some cases, a hybrid solution is necessary – in others, a whole new approach may be needed. The best advice: Speak to an IT specialist to learn what makes the most sense for your organisation.