Security

Cybersecurity Awareness Month: Doubling Your Account Security … – Mondaq News Alerts



To print this article, all you need is to be registered or login on Mondaq.com.

This article is the second in a series of articles about
Cybersecurity Awareness Month. Throughout October, K2 Integrity
will be providing tips and solutions to organizations to
commemorate the 20-year anniversary of the initiative. This
year’s focus is on creating strong passwords and using a
password manager, enabling multi-factor authentication, updating
software, and recognizing and reporting phishing attempts.

This second article highlights multi-factor authentication (MFA)
and its role in keeping organizations, their clients, and their
employees secure.

Securing Digital Assets with a Second Layer of Protection

As technology advances and an increasing amount of vital
information is held in the cloud, it’s important for
organizations to educate employees that digital security is
integral to corporate security. Financial data and confidential
client information are just some of what can be compromised if your
system falls into the wrong hands. Two layers of account
security—a long, unique password combined with
multi-factor authentication (MFA)—help make a potential
compromise more difficult by increasing barriers to unauthorized
network access. How can an organization facilitate this boost to
online security?

  • Implement MFA authentication for network
    access
    . MFA requires a user to provide two or more methods
    of identification in order to validate their identity for a login
    or transaction. Enabling this additional layer of verification can
    protect employee accounts and help thwart takeover attempts.

  • Use an authenticator app as a best practice.
    Although MFA reduces the risk of a network compromise, relying on a
    phone call or text as additional authentication is risky. If
    criminals gain control of an employee’s mobile phone account,
    such as through a SIM swap, phone call- and text-based prompts
    will route to the criminal. In contrast, apps are linked to the
    mobile device and not the account’s phone number, so app-based
    prompts will continue to be routed to the original device.
    Encourage employees to also use authenticator apps for personal
    accounts.

  • Train employees how to respond to unexpected MFA
    requests.
    Criminals use passwords stolen through phishing
    attacks, the dark web, or even an internet search to try to breach
    accounts. If they enter the network password into the
    organization’s sign-in page, the MFA prompt will appear on the
    employee’s mobile device. By denying the request, the employee
    prevents the criminal from progressing. Employees should be
    instructed to report unexpected MFA requests and to promptly change
    their network password to thwart further attempts.

  • Educate employees about the dangers of multi-factor
    fatigue.
    MFA fatigue occurs when criminals use a stolen
    password to sign into the network multiple times, sending repeated
    MFA prompts to the employee’s authentication app. The criminals
    hope that the employee will tap “Approve” accidentally or
    through frustration from repetitive prompts. Employees should also
    be required to report such attempts.

Implementing MFA for corporate accounts—in conjunction
with strong passwords—adds a second layer of security and can
help prevent data breaches. Organizations can reap security rewards
with this addition to their business practices.

The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.

POPULAR ARTICLES ON: Technology from United States

The Threat From Within

Ankura Consulting Group LLC

In today’s digitally driven world, cyber threats pose a significant risk to organizations of all sizes and industries. As stewards of their companies’ success and security…



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.