1 / 5

Why use Multi Factor Authentication

Using multiple steps by different methods to identify a customer's identity called multi-factor authentication. To read more check this post.

iamcyril
Download Presentation

Why use Multi Factor Authentication

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. All All about about Multi Multi- -factor Authentication factor Authentication In recent years, many businesses and processes have migrated online due to the varied benefits it offers. Many business, communication and personal interactions have moved online without any major outages or significant business impacts. In fact, one of the major silver linings of the recent Covid-19 pandemic was the increase in cyber space due to people being confined to their homes. On the flip side, increase in business and transactions online have provided a readymade launchpad for cybercriminals to exploit vulnerabilities present in the online systems and cause heavy data breaches. So much so that the year 2020 was not only a year of biological pandemic but also as the cyber experts say a year of, ‘cyber pandemic’. According to a report on cyber-attacks conducted by an agency known as Risk based security, there were 2,953 publicly reported breaches in the first three quarters of 2020, a 51% increase compared to the same time in 2019. 2020 was already the “worst year on record” by the end of Q2 in terms of the total number of sensitive records exposed. The three months of Q3 added an additional 8.3 billion records to the count, bringing the number of records exposed through the end of September to a staggering 36 billion.

  2. One of the answers to the cyber security challenge was implementing MFA which is an acronym for Multi factor Authentication. What is MFA What is MFA and why is it used and why is it used? ? Multi factor authentication is an authentication process which requires identification or validation of users through a multi-step verification process to gain access to online resources which can be anything from a mobile application to web based online accounts or a network. In recent years, the cyber attacks have become more sophisticated and difficult to deflect due to their complex nature. Hackers have developed tried and tested methods such as stealing personal credentials and to gain unauthorised access to personal accounts by exploiting a vulnerability. The attacks range from simple relaying and spraying attacks to the more sophisticated methods of spear phishing and pharming. Traditional usage of username and passwords are not secure anymore. MFA adds an additional layer of security or protection to the already present first layer of username and password authentication which in turns insulates or protects an organisation or an individual from remote attacks by a cyber- criminal. Read Also: Read Also: Application Security in Financial Services Industry How does MFA work? How does MFA work? Multifactor authentication works on validating two or more information of a user. The information of a user which forms a second or a third layer of authentication can be divided into 3 types. They are: 1.Information you know – username and password 2.Information you have – Badges, tokens or an OTP sent to your mobile phone or email address. 3.Characteristics you possess – Biometric characteristics such as Fingerprints, Voice recognition or face recognition.

  3. 4.Location based - which makes use of geo tagging or your location as an additional form of authentication. 5.Adaptive authentication – Primarily assigns a value of risk to the login attempt and asks for more information if it finds that the login attempt is different from the normal attempts. Considers the device used to access information, whether private or public connection used, time of accessing the information, whether off hours. For Example – After entering username and password while trying to log in to your personal account you might be asked for a code sent on your smart phone or a fingerprint to validate your authentication. Adaptive authentication may ask you for an additional authentication factor when you are trying to log into your account using a different device other than what you normally use. A typical MFA process has following steps while validating A typical MFA process has following steps while validating Listing Listing: Here you have to register devices through phone numbers or Email Ids where you want the confirmation message to be sent Login: Login: A person enters the username and password which forms the first layer of verification Confirmation Confirmation: : The system sends the user a message, typically an OTP or a code on your registered device to further the login process which forms the second layer of verification. Validation Validation: The system validates the code you have entered and grants access to your profile. In this sub process you may also be asked to put in your finger print to validate yourself. Why is MF Why is MFA important A important? ? Multifactor authentication has developed as a distinct tool or a process to protect an organisation or an individual against malicious cyberattacks. MFA has following benefits: Prevents Identity T Prevents Identity Theft heft Identity theft or access to personal information is a rapid growing cyber-crime. MFA provides an extra layer of security and prevents attacks of such manner.

  4. It is a Right Fit for Weak Passwords It is a Right Fit for Weak Passwords Though Password protection still forms the first layer of protection and is majorly used as a verification tool, studies have shown it is one of the least secure ways of protecting the system. Individuals or employees are inherently bad at creating strong passwords. Recent studies from OWASP and NordPass which are foundations which expertise in application security states that, “123456”, “password” and “qwerty” are stillcurrentlythe most commonly used passwords around the world. (Read). Recent studies from Ponemon institute (here) suggest that more than 50% of the employees reuse their password on different platforms. Verizon’s 2020 Data Breach Investigations Report found that 80% of hacking- related breaches involved passwords in some way, either in terms of using stolen credentials or the involvement of brute force attacks. MFA prevents password breach as it requires multiple verification on the user end. Reduce Risks Due to U Reduce Risks Due to Use of se of P Personal ersonal or Unmanaged Devices Due to the covid-19 pandemic, people have been confined to their homes and Work from home has become a norm. The employees while working from home remotely access the organisations private network on their less secured devices or networks connections. Personal devices or network connections do not have strong defence mechanism such as anti-virus software or a firewall implemented to prevent a phishing or a layering attack which can compromise the system and expose organisations’ sensitive data to the hackers. Using MFA allows personal devices to prevent attacks on employee’s system who work remotely by providing an additional layer of security. Provides a S Provides a St trong Back up rong Back up P Protection rotection While firewalls and antivirus do their jobs, however with MFA, it’s about granting access based on streamlined authentication process, thereby lowering or Unmanaged Devices

  5. the risks of compromised passwords. It adds an extra layer of security from the kinds of destructive attacks that cost organisations millions of dollars. Acts as a W Acts as a Warning arning The properly implemented multi factor authentication system can provide warnings/notification to the IT team or an individual when someone is trying to log in or gain access forcibly. It also alerts you of any unauthorized access and allows users to report the same to respective IT teams for resolution and further prevention. MFA MFA Adapts to The Changing Network Process Without Compro Adapts to The Changing Network Process Without Compromising User E User Experience. xperience. MFA secures the organisations networks, its users and the systems by adopting an adaptive approach and allowing the user or an employee to choose the verification process without requiring cumbersome resets or permissions. It easily integrates with a broad range of IT applications and is easy to deploy and manage thus saving time of IT teams which can in turn focus on more strategic tasks at hand. Conclusion Conclusion Data and security breaches exposed 5.1 billion records during the pandemic according to Forbes. Multifactor authentication process is easy to deploy and manage. Moreover, it is inexpensive and amalgamates with almost all IT applications. MFA provides an extra layer of security through a simple yet effective process. With recent increase in Cyber-attacks relying only on password strength is risky and perilous. Hence MFA is the way forward which prevents the likelihood of a brute-force attack or a potential data breach. Original Content Source: https://securetriad.io/multi-factor-authentication/ mising

More Related