Are Passwords Enough? The Argument for Multi-Factor Authentication
Recent Hacks on Global Companies Suggest a Need for New Security Measures
It may seem like a pain. You are only trying to login to pay a bill, order a new toaster, or make an appointment, and they ask for more than a password. Rolling your eyes you have a code texted to you, or emailed, or even called. What a waste of time…right? When given the choice between having to spend an extra two minutes to login or having to cancel your credit card due to identity theft, which would you choose? Are passwords enough?
These days, it does not seem so.
I know what you’re thinking. At least I’m not one of those guys that make their password: password123, my information is not that vulnerable. Think again. Even the most nonsensical combination of upper and lowercase letters, numbers and symbols are capable of becoming compromised.
In many cases of compromised information, it is not even a case of a good guess when it comes to your password, but rather in phishing scams or other techniques that can deceive even the savviest of internet users. A recent Facebook Messenger scam made light of this, by compromising an account and sharing a video link to a person’s contacts, as that person. So, be careful before clicking that video that your best friend sent you. It may not be a cute cat video, but rather a way to obtain your personal information.
The need for more than just a password is a crucial enough issue for the individual, but failing to do so can be catastrophic for businesses that keep and protect sensitive information.
So what can you do?
There are a few solutions available to help secure your company’s sensitive information.
Password Managers
Password managers make it easier to keep dozens of unique passwords. That way, you do not need to repeat the same password over and over again. This is a common solution for workplaces that do not want to slow down their workers by making them wait on the codes or other keys for two-factor authentication. Instead of keeping an individual list of passwords, the password manager keeps it in memory, accessible only to those invited into the system by an administrator.
Simplifying Authentication
While having to get through two gateways can be a time-consuming burden on employees, simplifying two-factor authentication may be beneficial. In more recent instances, instead of waiting for a code or phone call, a mobile security app requires a single tap to allow access. In order for two-factor authentication to be both secure and functional, it needs to be fast, easy to manage and built to defend against threats.
Encryption
You may not always be able to protect against external threats, but you may be able to still protect what’s inside. By encrypting your important data, your sensitive information will be harder to obtain in the event of a breach.
Limit the Passwords that Employees Have Access to
Instead of giving everyone unlimited access to everything from the company Twitter to the main database, give access only to what is essential to get the job done. You’d much rather change 3-5 passwords than upward of 500 when an employee parts ways with the company.
Utilize Wiping Technology
If your company is one that allows employees to use their own devices, things can get complicated once an employee leaves. With the right technology, you can wipe all company data off of an external device, without disrupting the employee’s personal information. That way, they can quickly resume use of their device, and your company data remains safe from potential exposure.
Content security can make or break the integrity of your organization. It is important to keep a company’s proprietary information safe, not just for the company itself, but for the clients it serves and the workers it employs. DocuServe provides a document management solution for businesses, which increase your confidence in your company’s security protocol. When wondering “Are passwords enough?”, DocuServe can keep your information safe.