Passwords have been the long-time guardian of our personal lives and data ever since the dawn of the internet. Though passwords might still retain most of their relevance, they are not robust enough to protect today’s digital economy.
Passwords are not good enough anymore (at least on their own)
The recent wave of high-profile security breaches has made us rethink online security. A few lines of code is all that it takes to expose millions of login credentials all across the globe.
Today, it might not be enough just to keep changing your passwords regularly. Accounting for a stunning 61% of breaches, credentials are the primary means threat actors use to hack their way into an organization, according to the 2021 Data Breach Investigations Report.
Relying solely on passwords is like keeping the keys to your sensitive data under your doormat. You might as well leave the door open. You need an additional means to secure your data, an extra layer of security that can come in handy when the key to your data is in the wrong hands. This is where multi-factor authentication (MFA) and two-factor authentication (2FA, also sometimes referred to as TFA) are vital.
What 2FA is, and why your organization needs it
2FA is a second way to verify your identity online and ensure that only you have access to your information. In addition to your conventional password, 2FA prompts you to prove your identity a second time. The additional level of verification is usually a time-based one-time password (TOTP) generated by an authenticator app, or a physical verification such as a fingerprint or face unlock.
But when did passwords become useless?
According to a Wired article, passwords in the mid-1960s were as useless as they are today. In 1961, MIT had enabled its students to log in to a massive time-sharing computer called CTSS with unique passwords for every student. In what would become the first data breach in the history of computing, MIT students figured out a way to hack into the computer, access all the passwords, and print them at will.
Though secure passwords might not have been a priority in the early days of computing, the story of our modern day enterprises is no different.
The true cost of compromised passwords
In May 2021, Colonial Pipeline, the largest fuel pipeline in the United States, had to stall fuel deliveries in 12 states for several days due to a cyberattack.
The extent of the damage forced the US Environmental Protection Agency to announce an emergency fuel waiver to ease gasoline shortages. In the end, the CEO of Colonial Pipeline agreed to pay the $4.4 million ransom, all because of a single compromised password.
The amount of ransom paid should come as no surprise, since the average cost that companies shelled out in 2021 was close to $4.24 million per incident, which also happens to be a 17-year high.
Cyber mishaps have led governments across the world to enforce stricter cyber hygiene measures. The US Federal government, for instance, urged agencies in an executive order to adopt MFA. Even regulatory bodies have emphasized the need for MFA, with PCI and NIST being the notable ones.
If you’re thinking that regulations and compliance are the only reasons to enforce MFA in your enterprise, you might want to think again.
Benefits of MFA
Delivering an extra layer of security, MFA can block over 99.9% of account compromise attacks, according to Microsoft as reported by ZDNet. If that isn’t reassuring enough, here are a few additional compelling reasons that make a case for utilizing 2FA:
Peace of mind
In an enterprise setup, 2FA gives sysadmins peace of mind since it ensures that the account cannot be accessed even if the password falls into the wrong hands. Enabling 2FA puts you at the helm of your data and gracefully compensates for your weak passwords.
Weed out human errors
Password-related mistakes form a major chunk of threats arising from human error. Using 2FA removes the need to remember complex passwords or write them down on sticky notes. Even if you use a password that is not easy to crack, it's easy for cybercriminals to test thousands of stolen passwords against something that should be accessible only to you, like your bank login.
Handle multiple accounts with ease
The convenience of online life has made us open multiple accounts to do almost everything imaginable. More accounts mean more passwords and passphrases. It can also lead to reusing the same password on multiple websites. While the bad habit of recycling the same passwords might be hard to stop, adding an extra layer of security like 2FA gives you the comfort of convenience and security at the same time.
This goes without saying. The inability to enforce MFA leaves the door open for attackers to access sensitive corporate data solely relying on credentials, scarring the organization’s reputation. Having that additional level of authentication makes a world of difference.
Enabling 2FA in Desktop Central
Enabling 2FA in Desktop Central is a frictionless process. From the console, navigate to Admin > Security Settings. Under Secure Login, select Enforce Two Factor Authentication.
2FA is probably the simplest way to secure your enterprise against a vast multitude of cyberattacks, ranging from phishing and credential stuffing to brute force and man-in-the-middle (MITM) attacks. It is high time MFA became a core part of your enterprise security.