What is it?

A means by which a person can be uniquely identified by analyzing distinguishing traits such as fingerprints, retina and iris patterns, voice signatures, gait, and facial characteristics.

Why is it important?

Biometrics-based security is increasingly being used to identify people -- for example, using a fingerprint to unlock a smartphone. Security professionals are turning to biometrics both for convenience and because password-based security is not secure enough. Inherent traits, such as a retina pattern or gait, cannot be easily counterfeited, making them potentially more secure, especially when used as an additional factor in a multi-factor authentication scheme.
...continue reading "Term of the Week: Biometrics"

What is it?

The ability to control entry to physical locations based on factors such as date, time, and access level. Access control systems can also create audit trails, raise alarms, and adjust authorizations based on the threat level.

Why is it important?

Access control helps ensure that only authorized people have access to your facilities.
...continue reading "Term of the Week: Physical Access Control"

What is it?

The information security discipline that establishes and manages the roles and access privileges of individual users, including humans and machines, within a computer network. Identity management is also known as identity and access management.

Why is it important?

Identity management enables companies to control who, how, when, and which users access information or digital assets. Identity management systems can enhance productivity in addition to protecting assets.
...continue reading "Term of the Week: Identity Management"

What is it?

A combination of two or more dissimilar authentication modes, called factors (possession, knowledge, inherence, location, or habit), that must be presented together as part of the process of authenticating the identity of a person or device requesting access.

Why is it important?

When properly implemented, multi-factor authentication (MFA) makes it harder for someone to impersonate an authorized user, giving you a higher level of confidence about the identity of a person or entity attempting to access your system.

Why does a business professional need to know this?

Many data breaches start with the theft of user credentials. At the 2017 Black Hat Conference, a survey question asked: Which of the following is most responsible for security breaches? The choices were: humans, not enough security software, unpatched software, or other. Eighty-five percent (85%) of the hackers surveyed said humans (blackhat 2017).

When the same group was asked what was the strongest barrier to stealing credentials, sixty-eight percent (68%) said it was the combination of multi-factor authentication and data encryption.

Business professionals need to know about multi-factor authentication so they can adapt authentication to meet their needs while balancing expense with security.

Authentication factors include the following:

  • Physical things such as key cards
  • Biometric factors such as fingerprints/iris scans
  • Knowledge such as a password or PIN that the user knows

MFA happens when a combination of two or more of these methods is presented at the same time. What makes MFA more secure than single-factor authentication is that the odds of a hacker possessing two or more of the authentication factors at the same time are very low.

One factor alone is weak authentication. Cards can be cloned, passwords cracked, biometrics fooled, and smartphones stolen. The combination of two or more of the same factor (like two cards, two passwords, or two biometrics) is not true multi-factor authentication. While stronger than having only a single factor, combining two of the same factor is double single-factor authentication.
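The distinction above, written as a login policy check. This is an added example, not code from the article or from any product it mentions; the authenticator names, the `FACTOR_OF` mapping and the function names are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed mapping (assumption) from authenticator type to the factor
# categories named in the definition above.
FACTOR_OF = {
    "key_card": "possession",
    "smartphone": "possession",
    "password": "knowledge",
    "pin": "knowledge",
    "fingerprint": "inherence",
    "iris_scan": "inherence",
}

@dataclass(frozen=True)
class Presented:
    kind: str       # authenticator type, must be a key of FACTOR_OF
    verified: bool  # True only if the verifier accepted this authenticator

def classify(presented):
    """Return (label, factors) for one login attempt.

    Labels follow the article's wording: 'none', 'single-factor',
    'double single-factor' or 'multi-factor'.
    """
    unknown = [p.kind for p in presented if p.kind not in FACTOR_OF]
    if unknown:
        # Fail closed: an unmapped type must never count as a new factor.
        raise ValueError(f"unmapped authenticator type(s): {unknown}")
    # Only authenticators that actually verified contribute to the result.
    good = [p for p in presented if p.verified]
    factors = sorted({FACTOR_OF[p.kind] for p in good})
    if not good:
        return "none", factors
    if len(factors) >= 2:
        return "multi-factor", factors
    if len(good) >= 2:
        # Two credentials from one category, e.g. a password plus a PIN.
        return "double single-factor", factors
    return "single-factor", factors

def allow_login(presented):
    """Policy: grant access only when two or more distinct factors verified."""
    return classify(presented)[0] == "multi-factor"

if __name__ == "__main__":
    attempt = [Presented("password", True), Presented("pin", True)]
    print(classify(attempt), allow_login(attempt))
```

A password plus a PIN is rejected by `allow_login` because both are knowledge factors, and a password plus a failed fingerprint scan is rejected because only verified authenticators are counted.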

The first step to hacking into many networks is to bypass the logon authentication by stealing a legitimate user credential. Cybersecurity starts by first knowing who is knocking on the virtual front door. That knowing begins with multi-factor authentication.

References

About Dovell Bonnett

Dovell Bonnett has been creating computer security solutions for over 20 years. In 2005, he founded Access Smart to provide cyber-access control solutions to government and small-to-medium-sized businesses in areas such as healthcare. His premier product, Power LogOn, is a multi-factor authentication, enterprise password manager.

Dovell is a frequent speaker and consultant on the topic of passwords, cybersecurity, and multi-factor authentication. His most recent book is Making Passwords Secure: How to Fix the Weakest Link in Cybersecurity.

Term: Multi-factor Authentication

Email: Dovell@access-smart.com

Website: access-smart.com

Twitter: @AccessSmart

LinkedIn: linkedin.com/in/accesssmart

Facebook: facebook.com/AccessSmart