When you move to the cloud, there may no longer be a PC under the desk, but the user is still the weakest link in the chain.
“Most people have terrible habits when it comes to passwords,” Kochhar confirms. “They use the same passwords everywhere, and some write them on sticky notes and put them on their monitor. You can have a software provider with the best security on the market, but if one employee happens to choose a bad password that can be guessed in a social engineering attack, it can be catastrophic. Login credentials are critical to the whole security package.”
Ballantine adds: “If all the people working with your security aren’t aware of their obligations, then it’s going to be like plugging holes in a dam that will burst one way or another. Security also needs to be elegant – it has to work and not get in the way. The moment it gets in the way of people getting their jobs done, they’ll move on to something else that doesn’t.”
The simplest and most elegant way of strengthening identity based security is to deploy a two-factor Single Sign On solution incorporating two-factor authentication. This requires both a password and a physical token, such as a smart card or encrypted USB key, before the user can be logged in. Even if a password is discovered, without the unique hardware token present, access is denied. Such two-factor authentication enhances network security and allows enterprises to ensure that employees can securely access company information and networks, both locally and remotely.
Strong user identification, alongside sufficient investment in two-factor identification, ultimately saves businesses money. Integrated security solutions protect organizations from data security access breaches that result in costly disclosure events, lost revenue and damaged brands.
Next: Ring of fire
Back to: Identity management
Back to: Overview