Thou Shalt Manage Access Securely

Thou Shalt Manage Access Securely

The 10 Commandments of IT Security

IT Security Commandment #5: Thou Shalt Manage Access Securely

It is late in the evening, and you are snoozing on the couch. Your phone rings unexpectedly and wakes you. You pick it up, “Hello?” and an unrecognizable voice says, “Help me! I am at your front door, can you let me in your door right now?” What would be your response? Most likely it would be, “Who is this!?” And, hopefully the person identifies themselves as someone you know as you run toward the door to look through the peephole. You are intrinsically performing identity authentication. You are making sure you know who it is, so you don’t inadvertently let someone with nefarious motives into your home. Smart move!

Multi-Factor Authentication (MFA) Adds a Security Layer

Doing the same thing as it relates to access to your organization’s network, software, data, and equipment ensures that you are complying with the 5th Commandment of IT Security which is: Thou Shalt Manage Access Securely. In other discussions of the 10 Commandments of IT Security, we have mentioned a number of ways to manage secure access—everything from passwords, to encryption, to how to manage “permissions” to certain folders/files in your network, to simple laptop locks. But this commandment focuses on authentication—specifically Multi-Factor Authentication (MFA). Our point of view is if MFA can be implemented for every service/program you log into, it should be.

Multi-Factor Authentication adds an incremental layer of security beyond usernames and passwords to limit access to systems and software. In simple terms, whenever a user attempts to access something, a unique code is sent to the computer or smartphone of that user. The user must then input that code in order for access to be granted. The reason this layer is valuable and works well is that it reduces the risks associated with thefts of credentials and duplicate/weak passwords used across various systems. Google security reports that putting MFA in place can prevent over 95% of bulk phishing attempts and over 75% of targeted attacks.

Putting MFA in place can prevent over 95% of bulk phishing attempts and over 75% of targeted attacks.

Implementing MFA is fairly easy. It is an extra step that staff members must come to accept and recognize the value it brings. There is usually a nominal set-up cost and then an ongoing modest licensing fee per month per user. It is money well spent. Many organizations have smartly decided to put a cyber-liability insurance policy in place. Those insurers can attest to the value of MFA as they are now demanding it be in place for access to network systems, email, and key software (especially financial and accounting software). We recommend that anything that your staff uses every day that is proprietary or important should have MFA in place. We especially suggest that MFA be put in place for any user who has administrator access to the key server or key applications at your business—a requirement by cyber insurers.

So again, just think of MFA as another way of saying, “Who is there?” “Who is this?” and getting the right answer before you let anyone into your network. Do that and you are following the 5th Commandment of IT Security! Contact IT Radix today for more information on how to protect yourself and your team.