You wouldn't leave the door to your house unlocked when you are not home, and you probably lock the door while you are home too. Even though there is no immediate danger of a stranger entering your home, or your strange uncle visiting unexpectedly, you lock the door. The locks on our doors are a precaution, not against an imminent threat, but against a possible threat. So too is Multifactor authentication an added layer of protection that you hope you never need but will be glad you had when a hacker, or your creepy uncle, tries to access your online accounts.
Two-Factor Authentication (2FA), also known as Multifactor Authentication (MFA), is like a door with two locks. The first lock is your basic username and password login combination and the second can be anything else to verify your identity. The second layer is often a randomized number sent to your mobile device or email address but it can also be a hardware token that you carry on your person, an app on your phone, or even an NFC chip implanted under the skin.
Multifactor authentication is a simple way to add security to the accounts that your employees access every day. It can help prevent common vulnerabilities like reused passwords, brute force hacks, shared credentials, and orphaned credentials on public devices. Read on to learn more about these common risks and how OpenEye Web Services (OWS) cloud managed video is using MFA to keep your network and surveillance system safe.
As we live more of our personal and business life online, we have more and more passwords to remember each day. Best practices say that we should use a unique strong password for every account but the average business employee has to remember 191 different account passwords according to a 2017 report from Last Pass. Out of desperation, we start creating passwords that are easy to remember, just barely meeting the security guidelines for each site, and as the number of passwords pile up we resort to using the same password for multiple accounts. LastPass found that 61% of people use the same or a similar password everywhere even though they know it isn't secure.
Hackers use technology that enables them to test billions of password combinations every second, making 90% of user-generated passwords vulnerable to attack. Multifactor authentication makes it harder for hackers to access your accounts by requiring a second piece of information from you to confirm your identity. The extra 20 seconds that you spend to receive a code via SMS adds a level of protection that you can't get from a password alone.
If users reusing credentials weren't enough, they then often share them with co-workers and others because they think it's easier and faster than creating a new account, but this can leave your account vulnerable at multiple levels. By using MFA your business can stop employees from sharing their account credentials, improve your data security and create accountability through an accurate audit trail of activity on your systems.
Improved technology has made it possible for employees to do their work outside the office, not only using business issued laptops but employees commonly use their personal smartphones and tablets to do company business and access cloud-based accounts. Companies encourage this activity because it leads to productivity gains, but stored passwords on these devices leave your business data vulnerable. Requiring a second form of authentication can prevent unwanted access to critical programs and data.
You probably already use multifactor authentication to log in to your mobile banking, your email accounts and maybe even to access your Facebook account. OpenEye Web Services uses MFA as just one of the cybersecurity technologies utilized to shield user data from unwanted access and protect you against data loss or downtime. OWS also employs trusted outbound connections, does not require port forwarding, and does not need any open inbound ports to work, significantly improving the security of your network and surveillance system.
Learn more about OpenEye's commitment to cybersecurity and data protection to see how we make your network more secure while lessening the burden on IT and operations.
Cybersecurity and Data Protection