Strong passwords, good security habits, and user awareness are not enough to keep credentials secure in today’s technology-driven world. Data breaches are becoming commonplace as organizations that hold your data are compromised by skilled hackers, who will sell this data on the Dark Web. In 2013 there were 614 data breaches, this number rose in each of the following years: 783 (2014), 1,093 (2016), 1,579 (2017). If these numbers are not scary enough alone, attaching some organization names may add perspective. The following companies have had credentials exposed since 2007: TJ Maxx (94 million records in 2007), Sony Playstation Network (77 million records in 2010), Target (70 million records in 2013), Ebay (145 million records in 2014), Yahoo (1 billion records in 2016) (2). According to a study done by Sky High Networks, 92% of organizations have credentials for sale on the Dark Web (1). Even the most secure user, who follows all of the best password practices, is prone to these data breaches, which will leave their usernames and passwords exposed.

One of the most important things you can have to secure your data is two-factor authentication (2FA) technology. Two-factor authentication is exactly what the name implies, and it is as simple as adding another layer of security to protect your accounts and data from unauthorized users. Two-factor authentication combines two of the following to protect data: something you know, something you have, and something you are. One of the most common combinations, and the one that you may be familiar with, is something you know (Password) and something you have (Hardware Token). If you are an existing Plummer Slade client, you are likely using the DUO mobile application on your smartphone as your hardware token for two-factor authentication. This extra step may not always be convenient, and it may take you a few extra seconds to remote into your work computer, but rest assured the benefits far outweigh this minor inconvenience.

For example, a user could mistakenly send their username and password to an attacker in reply to a phishing email. Normally, the attacker would now have full access to this user’s accounts and private information. With the implementation of two-factor authentication, this attacker would still be unable to access anything. As long as the user is still in possession of their smartphone or other 2FA device, they can simply deny the login attempt and change their password. It seems simple, and that’s because it is. Two-factor authentication is very straightforward, but it is without a doubt one of the best security measures that you can have on your side.

Cyber security has a strong inverse correlation with convenience, but it is ultimately technologies like two-factor authentication that will save your business from being compromised by malicious attackers. Plummer Slade is committed to keeping your business secured by staying up to date on the latest cyber security technologies and implementing them on your network.

For more information regarding Two-Factor Authentication, please contact Plummer Slade at 412-261-5600 or email info@plummerslade.com.

Source(s):
(1) https://www.skyhighnetworks.com/cloud-security-blog/5-key-findings-from-2019-cloud-adoption-and-risk-report/
(2) https://digitalguardian.com/blog/history-data-breaches