Multifactor Authentication Helps Keep Data Secure
All of us can take preventative measures today to reduce the risk of data loss tomorrow — multifactor authentication is one way to help keep data secure.
17 September 2014
When steady and staid Forbes starts a “Data Breach Bulletin” series, we know that’s a sign of the times. Considering the unrelenting malicious threats and hacks we see in the news, by now, all of us should draw a similar conclusion — that we need strong information security.
Users, Protect Yourself
Losing control of your personal information is an unsettling and unpleasant experience. But luckily, all of us can take preventative measures today to reduce the risk of data loss tomorrow:
The first best practice to follow is to keep your personal information separate from your business information. It’s a bad idea to comingle this data on the same computer, file sharing service, or account. If data does leak, the consequences are irrevocable to the organization. The company can face regulatory fees, lost productivity, brand damage and missed revenue. Because of this, many employers actually have rules about storing sensitive information on unsanctioned file sharing services.
For those us who do use file storage or collaboration tools to store and share critical information, here’s another tip. If you’re using a freemium tool, make sure to change your settings to “private” (if the service supports privacy settings) to avoid unauthorized access to your files. Additionally, if you’re storing sensitive information in a public folder, simply changing the public folder to private may not always protect files — especially if you’ve shared the file URL. You’ll want to delete any public folders that store sensitive information and re-upload these files to a new, private folder.
Why Multifactor Authentication Works
To keep your content in your hands, apply multifactor authentication when available. Multifactor authentication will leverage two or more of these “authentication factors”:
A knowledge factor: This is a typical form of authentication — it will include PINs or passwords — and requires users to prove who they are before they can access information. You should be the only person capable of inputting this factor. For example, when it comes to passwords, it’s critical that you create strong, unique passwords across all of the sites you access. Remember, these should be passwords that only you know — and they must be unique from other passwords you use. (If you need help generating hard-to-crack passwords, try a password management service such as Password Safe.)
A possession factor: This is something only you have, such as a lock and key, your credit card, or your mobile phone. This security protocol relies heavily on you as the authenticator. Take extra precaution with your private identifying data; don’t give out your card payment information too willingly; and protect your devices from theft.
An identity factor: The last factor uses your identity through biometrics technology. You have the ability to gain information access via fingerprint, voiceprint, or iris scan authentication. This gives you more peace of mind.
There is no guarantee that a sophisticated hacker won’t concoct a creative and hard to beat new penetration method tomorrow. But taking these preventative steps today will make it harder for someone to access your information. It’s imperative that organizations protect their information now — especially customer data — by putting the highest security in place.