Subscribe
  • Home
  • /
  • TechForum
  • /
  • Why two-factor authentication is a must for any business

Why two-factor authentication is a must for any business

Issued by Bletchley Park for ESET Southern Africa
Cape Town, 26 Jun 2014

The repercussions of an online attack could be detrimental to a business, with both financial as well as reputation loss at stake, says Carey van Vlaanderen, CEO of ESET. With bring your own device (BYOD), mobility and cloud software becoming a standard for many companies, security should be a top priority, and two-factor authentication (2FA) should be top of mind.

2FA is more secure than passwords - many high-profile hacks, such as those that took place against the Twitter accounts of big media organisations in 2013, could not have happened if 2FA had been in place. Even if a hacker places malware on a PC and steals a password, they are still locked out.

2FA ensures that the hackers have to work that much harder. Static passwords are a cheap and unsatisfactory solution to a very difficult problem and user-created passwords can be easily guessed if they do not contain randomised characters. One-time passwords and tokens are much more secure, especially when implemented in hardware such as 2FA.

Simple patterns used to drive passwords can be easily hacked, and static passwords can be intercepted and reused maliciously without consent. With the ever-increasing and smartly crafted and targeted phishing attacks, more people are falling for these and other socially engineered type attacks ? 2FA can help mitigate this.

With companies allowing staff to work from home, or to be mobile, the danger is that few companies are providing secure access to company networks, putting corporate data at risk. 2FA provides an extra layer of security for the mobile workforce when accessing a company's VPN remotely - an office based user has to go through several layers of physical security to access company information, why should a remote user be exempt. Combining something you know (PIN/password/username) and something you have (cellphone/token/smart card) provides a more secure login process and cannot be easily guessed.

Another very important reason why 2FA has become an essential for businesses is the Protection of Personal Information Act (POPI). Given the weakness of password-only systems in today's IT landscape, particularly related to password reuse, a 'responsible organisation' should implement 2FA to reduce the risks against personal information being accessed under their control.

There is no "magic bullet" for attacks, however, 2FA is better than any password and as such with external security, that extra layer may deter any lurking cyber criminal.

Share

ESET Southern Africa

ESET is a global provider of security software for enterprises and consumers and is dedicated to delivering instant, comprehensive protection against evolving computer security threats. ESET's products rank among the world's most advanced security solutions, proven by multiple prestigious awards. ESET NOD32 Antivirus consistently achieves the highest accolades in all types of comparative testing, and is the heart of the virus and spyware detection in ESET Smart Security. ESET Smart Security is an integrated antivirus, antispyware, anti-spam and personal firewall solution that combines accuracy, speed and an extremely small system footprint to create the most effective security solution in the industry. Both products have an extremely efficient code base, allowing faster scanning that doesn't slow down computers or networks. Sold in more than 160 countries, ESET has worldwide production headquarters in Bratislava, Slovakia and worldwide distribution headquarters in San Diego, California. The ESET Southern Africa head office is situated in Cape Town. www.eset.co.za

Editorial contacts

Bianca Gardella
Bletchley Park
(021) 427 1342
Bianca.gardella@bletchleypark.co.za