2 FACTOR AUTHENTICATION (MFA)
Authentication
Most of us understand what authentication stands for. It’s a method for validating that we are who we say we are. Almost all modern systems provide access based on an authenticated user identity, so getting that correct is critically important, and getting it wrong can mean providing someone with bad intentions access to your privileged systems.
The challenge is that authentication based on a password alone can be easily compromised. Even if you set aside the more common errors, such as simple-to-guess passwords, writing them on sticky notes, using the same password on multiple accounts, and other poor password and password-handling choices, there are many tools that can crack most passwords in a short amount of time. End users often end up changing their passwords, sometimes making them simpler and easier to crack again.
MFA
Multi-Factor Authentication is a good method for solving the authentication dilemma. The idea is simple: combine something you know (the password) with something you are or something you possess. Something you possess can be some type of token: a physical card or hardware device, an application running on your mobile device, or a code received as an SMS. Something you are may be some type of biometric factor, like a fingerprint or retina scan. Most end users have already used multi-factor authentication, whether they realize it or not, for instance when using their ATM cards to obtain cash. The card is what they possess and the PIN is what they know. Without both tightly coupled authenticators they cannot withdraw cash.
MFA is a good idea for all users, but it is also a step mandated by various security standards such as PCI-DSS and GDPR. According to the Cloud Security Alliance, nearly 25% of those who reported a breach said it was caused by compromised credentials. This means that a simple and affordable authentication solution could protect against nearly one-quarter of all security breaches.
Over 2,300 data breaches have been disclosed so far in 2018, exposing over 2.6 billion records. This should be a trigger for top management.
Encryption
It’s crucial to implement encryption at all times:
- Data in motion, in use and at rest, whether it is an email with or without an attachment.
- Data in motion, in use and at rest, whether it is a file or folder on the network or in the cloud.