OCTOBER 2012: Want to lower the odds of someone getting in to your network to as low as one in 100,000,000,000,000? (That’s 100 trillion!) Then add a third layer of protection!
It’s not that difficult or expensive to take advantage of three-factor authentication. By layering authentication factors, or the factors that identify your team so they can have access to your network or accounts, you add a bunch of zeros to increase the odds in your favor. And you protect your pond and all the precious data in it.
Think of each authentication layer as a wall. Level one is relatively low so a motivated cyber crook with decent hacking software can climb over it. Level two is considerably higher and requires heavy-duty, wall-scaling equipment. And level three? Frogettaboutit! Thieves will simply gaze up at the enormity of the task before them and seek their booty elsewhere.
The three authentication factors include something you KNOW, something you HAVE and something you ARE. Here’s what each offers and by all means, never have fewer than two protecting sensitive data:
Level 1: Something you KNOW. This is a PIN, password, phrase, username, or other “secret” code that only your team members know. The chances of someone guessing a four-digit PIN is one in 10,000. The chances of someone guessing a password like P%tTyl6@9M2 is a lot lower. The more complex your password, the more difficult it is to figure out, even if the cyber crook is using software designed for that specific purpose. Doubling or tripling up on things you know — like requiring a username, a password and the answer to a super-secret question — is a great way to go but it’s still considered single-factor identification.
Level 2: Something you HAVE. This is something like a key, a key fob, a security card to swipe or an electronic code called a “token.” When you go to the ATM, for example, you’re using two levels of security — your ATM card and your PIN. Tokens come in all varieties. For example, there are mobile phone token apps that generate one-time tokens on demand or refresh tokens on a regular schedule. But swipe cards and mobile phones can be lost or stolen, so an even safer Level 2 option is a security token service. Team members call in, identify themselves, then receive a one-time token by text from the service. Token apps and services are often easier on the budget than issuing cards and reduce the odds of a malicious-minded frog breaking into your network down to one in a million or so. Multiply that by the odds of also guessing the password of one in 10,000 and you’re down to a one in 10,000,000,000 (ten billion). Pretty darn safe.
Level 3: Something you ARE. Here’s looking at you, kid! For the ultimate in security, add a picture, voiceprint, fingerprint, retina, signature, DNA or other factor that belongs exclusively — and humanly — to each team member. And it’s more affordable than you may think. Nifty little devices like USB fingerprint scanners and face recognition cameras both start at around $80 each, but keep in mind your IT department may not be able to manage low-end devices. Electronic signature pads start at around $300, and scanners that read hand prints, palm prints or even wrist vein patterns (yes, it’s true) start at around $350. Leap up to an iris capture scanner and you’ll pay at least $2,500. Voice authentication software is another option — it asks your team member to read something aloud to verify his or her voice. The passage is different each time to prevent recording. Best of all: buy laptops with built-in fingerprint scanning the next time you refresh your hardware. The payoff for adding body part scanning to your authentication process? You reduce your risk down to as much as a one in 100 trillion. Now that’s a level security that lets us frogs sleep well at night.
[well size=”sm”]If your goal is an optimized IT environment that helps your company grow and prosper, you need highly effective Help Desk support. The faster problems get solved, the sooner your team can get back to work. Leapfrog offers a range of managed IT services, including 24/7/365 Help Desk Support. We pride ourselves in our lightning-fast resolution speeds and deep knowledge of all things IT. Customer service as Priority One means no more bottlenecks![/well]