Authentication Types: SSO and MFA
In the past, you protected your assets with a lock and key; in the digital world, the equivalent is a username and password. This, however, is no longer enough, as cyber criminals are becoming much more creative in their tactics to break in and steal your digital assets. It’s now standard practice to layer two or more of the authentication types to sufficiently defend against cyber threats.
What you know: This authentication type is something that you memorize, like a password, a PIN or a passphrase.
What you have: This authentication type is authenticated with a tangible object, such as your smartphone or keychain token.
Who you are: This authentication type uses biometrics, such as fingerprints, retina scans or full face scans available on some modern smartphone devices.
The simplest authentication standard is called Two-Factor Authentication (2FA), more commonly known as Multi-Factor Authentication (MFA). Using what you know with what you have exponentially strengthens your security posture and reduces the attack surface that cyber criminals can attack. A common motto emerging from the cybersecurity realm is “MFA everything.”
According to the SANS Institute, the three most common vulnerabilities MFA can reduce are:
- Business email compromise
- Legacy protocols
- Password re-use
You are probably thinking that the number of keys on your keychain is getting too big and that you have too many passwords to remember, right? This is very true, and a common mistake is to re-use passwords to make it easier to access all your digital services. Cyber criminals know this too, and they are taking advantage of people’s poor password hygiene to break into your services and assets.
It has also become increasingly difficult to create and remember unique passwords for each and every service due to the sheer number of online services we have. To solve this problem, credential managers were developed to help us manage our digital credentials. LastPass is one of these tools and has been adopted as a standard practice now to help ensure that you are able to generate and use all your credentials when requested.
We sometimes hear from our clients, “Oh we don’t need that level of security – we’re too small for anyone to care to hack in to our systems.” Well that’s simply not true. – Wayne Chow, Director of Cybersecurity
Another tool that has been developed to decrease the number of keys on your keychain is Single Sign-On (SSO). SSO is a way to use one of your main services, such as your email, as your identity provider. Pointing your other cloud services to authenticate with one source ensures that you are not inundated with a multitude of credentials to manage and allows your organization to have better control and administration.
If you are interested in a Cybersecurity Assessment for your organization or would like to just talk to us about how you can strengthen your security framework, reach out to us and we can schedule a session with our Cybersecurity team here at Nucleus.