Digital passwords have been around long before desktop computers were invented. And they’re still the most widely used online security measure. Unfortunately, passwords are only moderately effective but can be easily cracked if you use easy-to-guess passwords like “123456,” “fo0tball,” and “passw0rd.” That’s a serious problem for business owners who rely on employees to protect valuable data.
Data breaches can cost millions of dollars and in California, the bar for what constitutes a breach is pretty low. Some companies take months or years to recover, depending on the gravity of the incident.
The dangers of relying on passwords alone
Many of the Campbell-area businesses that come to us for help rely solely on passwords to protect their sensitive data. In the IT world, this practice is known as single-factor authentication (SFA). Let’s take a look at how an SFA approach can endanger your business:
#1. Business email compromise (BEC)
BEC is a type of cyberattack designed to impersonate a company’s senior executives to trick clients and employees into wiring money to fraudulent bank accounts. According to the Federal Bureau of Investigation (FBI), more than $1.2 billion in domestic and international losses were recorded in 2018.
It’s not hard to guess why BEC attacks are a favorite tactic among cybercriminals — they only need to hack one executive’s email account to fool employees into sending them money. And once funds have been transferred, they become almost impossible to track and recover.
#2. Outdated tools
Today, many businesses are still using antiquated IT, such as the simple mail transfer protocol (SMTP) for office email. This technology was created before multifactor authentication (MFA) became best practice and added another layer of security.
Without MFA, cybercriminals can perform “downgrade attacks,” which force apps and platforms to use less secure protocols. For instance, an SMTP-based email system can be downgraded to display messages in plain text, making it easier for criminals to intercept sensitive data.
#3. Password reuse
It’s hard to remember multiple passwords, and as a result, users tend to reuse passwords across several accounts. This is a massive security risk for organizations using SFA. If one of your users reuses one password on multiple websites, a data breach on one website translates into a breach on every other site using the same password.
What are the possible solutions?
Strong user authentication tools are needed to avoid account breaches. Let’s take a look at some of the possible solutions for businesses:
#1. Software or SMS authentication
Instead of relying solely on passwords, you can add a secondary authentication step, such as a login prompt sent to a mobile app or one-time SMS code. A hacker wouldn’t be able to access any part of the account information without completing the first (password) and second (mobile device authentication) steps. This ensures that the owner is really the one logging in to the account.
#2. Biometric or token-based authentication
App prompts and SMS codes are sufficient upgrades, but more advanced cybercriminals have found ways to intercept SMS messages and cellular data. It’s a relatively new strategy that is gaining popularity. Fortunately, biometric and hardware-based authentication tools solve this issue.
Before smartphones and desktops came equipped with fingerprint scanners and facial recognition software, security professionals simply gave users keycards or keychain-sized tokens to verify their identity. These solutions confirm a user’s physical location, which makes things much harder on hackers.
#3. Hybrid solutions
When some of your IT infrastructure is in-house and some is in the cloud, doing away with SFA might seem tricky. In reality, most cloud providers offer MFA as a free or low-cost feature. It’s an absolute must-have for businesses of all sizes and in all industries.
Enabling ironclad MFA policies opens up the possibility of single sign-on (SSO) authentication, which lets users log in to one account to access all of your company’s apps and platforms. It’s one of the simplest ways to avoid forcing your employees to manage an overwhelming number of passwords.
Don’t let poor security management become the downfall of your business. Our INFINIT Shield security solution empowers your company to be more secure by implementing intelligent technology that minimizes the risk of threats to your business. Do you want to read more about our security advice? Download our free eBook today!