23 MAY, 2018
Two-Factor Authentication
Phishing
Credentials
With threat actors becoming more and more focused on credential theft, organisations are becoming increasingly aware of the importance of two-factor authentication (2FA).
2FA is one of the best ways to protect against remote attacks such as phishing and credential exploitation: even with a stolen password, an attacker cannot access your accounts without also holding the device needed to complete the second factor.
‘Most cyber-attacks can be traced back to the theft of login credentials, enabling attackers to gain entry into proprietary systems.’
Two-Factor Authentication, also known as 2FA, is an extra layer of security that requires not only a username and password but also something that only that user has: a piece of information only they should know, or an item only they have immediately to hand, such as a physical token.

Using a username and password together with a piece of information that only the user knows makes it harder for potential intruders to gain access.

Two-factor authentication is not a new concept, but its use has become far more prevalent in the digital age we now live in. There are now countless solutions providing two-factor authentication capability that organisations can utilise, and Microsoft Office 365 has included it in many of its business plans for a number of years.

However, the problem is finding the right one that suits your business practices. Three considerations when assessing potential solutions are:

  • Cost – beyond the licence itself, a solution can bring cost increases for things like additional support, maintenance and training.
  • Backup Options – there needs to be a backup plan in place in case a user loses their phone or token.
  • Complexity – some physical authenticators require additional drivers, adding another dimension of complexity for deployment, support, and maintenance.

Protect the ‘Keys to the Castle’

One of our customers has taken an interesting approach to securing credentials within their organisation. With limited budget and resources, they could not apply two-factor authentication across their entire estate, so they focused on securing administration accounts for free, with the help of Duo Security.

Why focus on securing administration accounts?

Regularly changing administrator account passwords is even more important than regularly changing unprivileged user account passwords. There is only a certain amount of mischief an attacker can get up to with regular user access but if they obtain the password of a systems administrator, they have the ‘keys to the castle’ and the entire organisation’s infrastructure is at risk.

However, the audits conducted by Secrutiny have found that 80% of organisations have admin passwords that have not been changed in two or more years, and more often than not, employees re-use passwords from Microsoft Office accounts and their personal online services.

This creates the following risks:

  1. Unknown data movement due to forgotten legacy scheduled jobs.
  2. Insider misuse – vendor or (ex) employee – which is 6x more common than “hackers”.
  3. Cached local password secrets (and simple things like passwords typed into the username field, which then appear in clear text in event logs) are susceptible to misuse.
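As an added illustration of the third risk (not part of the original article), the following Python check runs over constructed Windows logon events and flags failed logons (event 4625) whose username field probably holds a typed-in password, either because the name contains characters no account name would, or because a successful logon (event 4624) from the same workstation follows within a minute; the finding deliberately omits the suspected secret so the report itself does not leak it. The event IDs are the standard Windows ones; the sample lines, their simplified pipe-delimited form and the account list are constructed.

```python
import re
from datetime import datetime, timedelta

# Constructed sample events (not real logs), assumed in chronological order:
# time|event_id|target_user|workstation, modelled on Windows 4625/4624 records.
SAMPLE_EVENTS = """\
2018-05-23T08:01:02|4625|Summ3r!2016|WS-ADMIN01
2018-05-23T08:01:09|4624|da-jsmith|WS-ADMIN01
2018-05-23T08:15:30|4625|jdoe|WS-0042
2018-05-23T08:15:45|4624|jdoe|WS-0042
2018-05-23T09:00:00|4625|P@ssw0rd#Q2|WS-ADMIN02
2018-05-23T11:30:00|4624|da-bsmith|WS-ADMIN02
"""

KNOWN_ACCOUNTS = {"da-jsmith", "jdoe", "da-bsmith"}  # assumed directory export
CORRECTION_WINDOW = timedelta(seconds=60)
# Characters plausible in sAMAccountName / UPN style names; anything else is suspicious.
USERNAME_CHARS = re.compile(r"^[A-Za-z0-9._\-$@\\]+$")

def parse_events(text):
    events = []
    for line in text.strip().splitlines():
        ts, event_id, user, workstation = line.split("|")
        events.append({"time": datetime.fromisoformat(ts), "id": int(event_id),
                       "user": user, "ws": workstation})
    return events

def find_leaked_secrets(events, known_accounts):
    """Flag 4625 events whose TargetUserName is probably a password, never echoing it."""
    findings = []
    for i, ev in enumerate(events):
        if ev["id"] != 4625 or ev["user"] in known_accounts:
            continue
        reasons = []
        if not USERNAME_CHARS.match(ev["user"]):
            reasons.append("unusual characters for a username")
        # A successful logon from the same workstation shortly afterwards is the
        # classic "typed the password in the wrong box, then fixed it" pattern.
        for later in events[i + 1:]:
            if later["time"] - ev["time"] > CORRECTION_WINDOW:
                break
            if later["id"] == 4624 and later["ws"] == ev["ws"]:
                reasons.append(f"followed by successful logon as {later['user']}")
                break
        if reasons:  # report where to redact, not what was typed
            findings.append({"time": ev["time"].isoformat(), "ws": ev["ws"],
                             "reasons": reasons})
    return findings

if __name__ == "__main__":
    for f in find_leaked_secrets(parse_events(SAMPLE_EVENTS), KNOWN_ACCOUNTS):
        print(f"{f['time']} {f['ws']}: {'; '.join(f['reasons'])}")
```

Each finding names a log entry whose username field should be redacted and an account whose password should be rotated, which is exactly the exposure stale admin credentials turn into a long-lived one.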

Duo Security provides a cloud-based access protection solution. Their user-centred platform provides two-factor authentication, endpoint remediation and secure single sign-on tools.

They allow organisations to test out their solution with a lifetime free trial for up to 10 users. The customer used this free trial to secure their most important users: system administrators.

Duo’s 2FA solution is simple and offers a variety of supported authentication methods to fit different business practices, such as SMS Passcodes, Phone Callbacks, Application push notifications and many more.

For more information about Duo Security, or advice on selecting the right two-factor authentication solution for your organisation, fill in the form below to get in touch.
