With the seemingly ever-present news of security breaches and ransomware attacks hitting major companies in our supply chain, doing nothing is not an option. Stolen credentials are an easy way for cybercriminals to "walk in the front door" and take what they want or encrypt everything and hold it for ransom.
One way to make those stolen passwords worthless is to place an additional requirement beyond just having credentials, a second factor, before access to an environment is granted.
Two-factor authentication (also known as 2FA) is an additional layer of security used to ensure only authenticated users gain access to an online account or network environment. When set up, a user will enter their username and a password, then rather than gaining access straight away, they will be required to provide additional information.
This second factor could come from one of the following categories:
Something you own:
A code from an authenticator application on your phone, or a code sent by SMS to your phone. The phone must be registered to make sure it belongs to you.
Something you are:
A biometric indicator, like your fingerprint (Touch ID) or facial recognition (Face ID).
Take the example of the Colonial Pipeline: their Virtual Private Network (VPN) system did not have 2FA in place. That means it could be accessed through a login and password combination alone, without a second step such as a text message, a common security safeguard option found in most software and programs today.
The video below demonstrates how this works.
With 2FA, a potential compromise of one of these factors will not compromise the account itself. So, even if your password is stolen or your phone is lost, it is not likely that someone else will have access to both factors (password and 2FA device).
Unfortunately, passwords are still the main (or only) way many companies and individuals protect themselves, their environments, and online accounts. The good news is that there is increasing awareness within most industries about the need for 2FA.
Cybercrime is at an all-time high post-2020, and simple security practices like having 2FA set up wherever possible need to be a priority for all businesses today. There's no time to waste.
If you'd like to learn more about 2FA and how you can implement it within your organization, give us a call - we'd be happy to work with you to implement 2FA and other security measures to better protect your business environment.