In a world that has turned uncertain, the world of data security remains constant. The COVID-19 virus is wreaking havoc on the service industry, entertainment businesses, and the stock market. Still, many businesses have the flexibility to remain open despite closing their physical doors.
As businesses remain open, attackers will continue to find ways to exploit them. It becomes easier for them, especially in these atypical working conditions. So, data security must stay top of mind.
Businesses must continue to plan, act, enforce, and train as their workforce landscape changes. For now, the landscape of the world changes with the virus.
Amidst the unforeseen circumstances surrounding this global pandemic, calm is key.
The organizations that continue to protect their data (and the people behind that data) will be the ones who will survive this pandemic. They need to update their plans as the landscape changes for them. Do you think your data security is solid enough to survive this pandemic?
In a world where credentials are the crux of both external and internal attacks, organizations need to re-evaluate their security plans. They need to start protecting elevated accounts with a multi-factor authentication solution.
According to Verizon Enterprise, in 2019, 29% of data breaches involved stolen credentials. Credential theft was the 2nd most common action used in successful breaches. Inappropriate use of credentials isn’t exclusive to external threat actors. Internal users misuse privileges enough that it ranks number six in the list of data breach threat actions.
What is Multi-Factor Authentication (MFA)?
Multi-factor authentication (MFA) adds a layer of validation. It ensures use of additional methods of authentication when a user attempts to verify their credentials. This can include:
- Something you know (like a password)
- Something you have (such as your mobile phone or a hardware-based token device)
- And even something you are (which uses biometrics – retina/fingerprint/voice scans, etc.)
All the above aligns more factors needed with the elevated level of a given account.
Organizations have adopted MFA at varying levels. These levels include accounts they believe are important enough to warrant the added measure of security – the CEO or CFO, for example.
But as in the adage of the plumber never doing their own plumbing, many IT organizations forego the use of MFA – for its own activities. They believe that IT is somewhat immune from the kinds of attacks and misuse that plague the rest of their userbase. Not something you would expect from an IT organization, right? It’s important for organizations that every IT credential should go through MFA.
The need of the hour is MFA
Here are four reasons why you should implement MFA:
- IT tasks involve elevated privileges – We’re certain you already know this, but it’s important to level-set the connection between IT tasks and MFA. Defense against cyberattacks is a regular part of an IT security strategy. It’s foundational that any account with elevated privileges to Active Directory, applications, or valuable data to provide more than just a password. The account must validate the requesting user is the credential owner. Even if you’re making a simple change in a group’s membership, it can provide unsanctioned access to valuable resources.
- The cloud extends access – Almost every organization has one or two feet on the cloud. This requires you to sync credentials with cloud-based identity platforms, directories, and applications. It provides access well beyond that of your on-premise environment. For example, a single compromised credential of an on-premise user has the potential to access any number of cloud directories. Not to forget, access to applications via cloud-based identity platforms!
- SSO is about productivity, not security – Many organizations think single sign-on (SSO) helps with security. If anything, SSO on its own makes it less secure. SSO is about making it easy for a single account to access many applications and resources with a single log on. Requiring MFA as part of the SSO process puts appropriate security controls in place. It ensures when the SSO grants access, it’s given to the appropriate person.
- IT won’t know about their stolen and misused credentials – Hackers don’t walk up to IT folks and ask for an ID and password. They work in stealth! They use malware designed to capture keystrokes, scrape OS memory, and discover any insecure accounts they can use. In most cases, the hacker can identify elevated credentials with little to no more than admin access to a single endpoint. IT needs to be more proactive in scenarios where their accounts are being misused – without their knowledge.
Learn more: Six Degrees of IT Separation
Implementing a multi-factor authentication solution
As more organizations shift to the cloud, it’s imperative for IT to realize they are leveraging solutions. These solutions enable IT to simplify the work by automating the reach of a single IT configuration. This helps IT to impact many cloud and on-premise systems and applications.
This wealth of power granted to an IT user account is important. It enables them to verify that the person who claims to own the account actually is the owner.
A robust MFA solution alone provides organizations with the validation necessary at authentication. It authenticates before IT can access, let alone manage, any data, application, system, or platform that could be misused for ill-gain.
Having a robust multi-factor authentication solution in place will help you against the attackers. Amidst the Covid-19, you need to gear up for potential data thefts to survive this global pandemic.
As one of our most powerful and important active directory admin tools, GroupID Authenticate verifies a user’s identity against a configured identity store before allowing them to login and use any GroupID module. You may also implement Multi-Factor Authentication with a valid license of GroupID Password Center. Learn more about GroupID Authenticate.