Blogs & Stories

Trustwave Blog

The Trustwave Blog empowers information security professionals to achieve new heights through expert insight that addresses hot topics, trends and challenges and defines best practices.

A Simple Strategy to Make Life Harder for Hackers

In 2004, Bill Gates predicted that the death of the password was imminent. Yet, a decade later, passwords remain the primary means by which users authenticate themselves to computer systems - this despite a rampant number of password breaches that have opened users to the possibility of fraud.

Old habits die hard, apparently. Gates was spot on when he said that users do a poor job of protecting their password - and that human flaw is ever accentuated in today's era of mobility. As more corporate-owned resources are accessed by smartphones, tablets and other user-owned devices, data is at risk.

As such, organizations must turn to additional authentication solutions to strengthen their security posture, particularly in time when easy-to-crack passwords are still such a critical problem. Two-factor authentication is an easy and effective way to add an additional layer of security - and many companies understand that.

So why isn't everyone doing it? Well, there are a large number of organizations that are frustrated with their current hardware-based authentication solution, which can be cumbersome for administrators and users alike. But two-factor authentication doesn't have to be complicated, and it provides much better protection than simply using passwords.

Michael Osterman, principal analyst at Osterman Research, told me recently: "Two-factor authentication provides substantially greater protection than simply using usernames and passwords. A cloud-based, managed two-factor authentication capability can provide the additional protection that an organization requires without imposing more difficulties on end users or IT."

Here's what you need to know about two-factor authentication:

It's all about something you know and something you have:

Two-factor authentication uses a two-step process to authenticate a user. A user typically employs a username and password as one 'factor' of authentication and then they will use a unique code sent via text, for example, as the second factor.

It's not complicated:

Today, cloud-based, managed two-factor authentication can be quickly and easily deployed across an organization to help secure networks and applications, protect users, and address data protection compliance mandates.

Two-factor authentication offers an easy way to strengthen security outside and inside:

Historically the largest deployments of two-factor authentication have been on external VPN connections and on vendor and third-party portals. However, we are now beginning to see more organizations deploy two-factor authentication inside their organizations on specific target applications because it's an easy way to shore up protection on internal, high-priority applications.

John Randall is a senior product manager at Trustwave.