The ability to control entry to physical locations based on factors such as date, time, and access level. Access control systems can also create audit trails, raise alarms, and adjust authorizations based on the threat level.
Access control helps ensure that only authorized people have access to your facilities.
...continue reading "Term of the Week: Physical Access Control"
The information security discipline that establishes and manages the roles and access privileges of individual users, including humans and machines, within a computer network. Identity management is also known as identity and access management.
Identity management enables companies to control who, how, when, and which users access information or digital assets. Identity management systems can enhance productivity in addition to protecting assets.
...continue reading "Term of the Week: Identity Management"
A combination of two or more dissimilar authentication modes, called factors (possession, knowledge, inherence, location, or habit), that must be presented together as part of the process of authenticating the identity of a person or device requesting access.
When properly implemented, multi-factor authentication (MFA) makes it harder for someone to impersonate an authorized user, giving you a higher level of confidence about the identity of a person or entity attempting to access your system.
Many data breaches start with the theft of user credentials. At the 2017 Black Hat Conference, a survey question asked: Which of the following is most responsible for security breaches? The choices were: humans, not enough security software, unpatched software, or other. Eighty-five percent (85%) of the hackers surveyed said humans.(blackhat 2017)
When the same group was asked what was the strongest barrier to stealing credentials, sixty-eight percent (68%) said it was the combination of multi-factor authentication and data encryption.
Business professionals need to know about multi-factor authentication so they can adapt authentication to meet their needs while balancing expense with security.
Authentication factors include the following:
MFA happens when a combination of two or more of these methods is presented at the same time. What makes MFA more secure than single-factor authentication is that the odds of a hacker possessing two or more of the authentication factors at the same time are very low.
One factor alone is weak authentication. Cards can be cloned, passwords cracked, biometrics fooled, and smartphones stolen. The combination of two or more of the same factor (like two cards, two passwords, or two biometrics) is not true multi-factor authentication. While stronger than having only a single factor, combining two of the same factor is double single-factor authentication.
The first step to hacking into many networks is to bypass the logon authentication by stealing a legitimate user credential. Cybersecurity starts by first knowing who is knocking on the virtual front door. That knowing begins with multi-factor authentication.
Dovell Bonnett has been creating computer security solutions for over 20 years. In 2005, he founded Access Smart to provide cyber-access control solutions to government and small-to-medium-sized businesses in areas such as healthcare. His premier product, Power LogOn, is a multi-factor authentication, enterprise password manager.
Dovell is a frequent speaker and consultant on the topic of passwords, cybersecurity, and multi-factor authentication. His most recent book is Making Passwords Secure: How to Fix the Weakest Link in Cybersecurity.
Term: Multi-factor Authentication
Email: Dovell@access-smart.com
Website: access-smart.com
Twitter: @AccessSmart
LinkedIn: linkedin.com/in/accesssmart
Facebook: facebook.com/AccessSmart
A subset of cybersecurity that protects networked devices, such as smartphones and medical equipment, that are usually accessed by an individual user or group.
Endpoints are a vulnerable point of entry for breaches. Because of the large number of connected devices available and the wide diversity of types, endpoints are difficult to manage and keep vulnerabilities patched.
The implementation of policies, practices, and technology to enable positive identification of people, devices, and applications.
Understanding authentication is critical for establishing a secure environment because you must reliably know the identity of the people, devices, and applications accessing your resources in order to properly govern access and permissions.