Why You MUST Use Multi-Factor Authentication

The sad fact is: Business is very, very good – for Hackers and Cyber Criminals. They are setting all-time records in Ransomware and other types of breach attacks. How will you protect yourself? First, it’s important to have reputable, knowledgeable, and experienced IT support – whether it’s in-house or an outsourced Managed IT Services provider.

Take a survey of the top firms in the Charlotte IT Support Community, and if they are knowledgeable and experienced, they’ll tell you that Firewalls and Anti-Virus (AV) are not enough – even if they are state-of-the-art. IT services people are well aware of this. Crooks are smart and crafty, and they know the way into a network that boasts the very best in next-generation Cybersecurity is through the end user. Management and the employees are the focus. There are many defenses to implement, but Multi-Factor Authentication (MFA) is of prime importance.

While cyber threats continue to grow, many low-level ‘IT Guys’ still think a password is enough. It is not. This is just one area that separates the best from the mediocre in the IT Services world.

What is meant by multi-factor authentication?

Multi-Factor Authentication (MFA) represents the login steps that prove you are authorized to access a network, program or website – it can be virtually anywhere. Either you or your in-house IT services or outside Managed Services Provider should immediately set MFA up – it is the strongest Cybersecurity ‘first-defense’ against cyber criminals trying to breach your system. Every factor needs to be strong, but the overwhelming data shows that they are not. It goes beyond passwords.

What are the three common factors used for authentication?

1) Something you know: Your password/identification number and answers to personal questions (the classic being ‘What is your mother’s maiden name?’).
2) Something you have: Scan cards, tokens of some sort and codes sent to your smartphone to verify your identity.
3) Something you are: Thumb or fingerprint, retinal scan etc.

This is better and more thorough than Dual-Factor Authentication (2FA), where two levels are used: typically a password and an identifying question.

Factor #1: Something you know
Part 1: Passwords

Your password should only be the first factor in a multi-factor authentication process, but it simply cannot serve as the ‘be-all-end-all’ of your individual Cybersecurity defenses. All of the Firewalls, Anti-Virus, and email filters in the world cannot protect your network when hackers can figure out an inadequate password and gain entry to your network to victimize you.

In this day and age a strong password is a must, but it’s only a start. The two weakest links in the Cybersecurity chain are the end user and their passwords. More cyber criminals gain entry to networks by duping end users than by any other means, and there is nothing your IT services can do to prevent an employee from allowing criminals into the system. The #1 method of breaching a network is through Phishing emails, which contain a malicious link or attachment that, once clicked on, lets the hacker or virus right into your system to wreak havoc.

But let’s say the user doesn’t fall for these Phishing expeditions. Now the hacker has to figure out the password, which is sadly not that difficult because passwords are typically predictable.

Factor #1, part 2: Identifying Questions

Identifying questions can be tricky: cyber crooks ‘case’ a company through social media like a robber cases a bank. If your question is “What is your pet’s name?” and your Facebook page has hundreds of photos of you and your cat ‘Admiral Kittybiscuits’, then that question offers zero defense against intrusion. You might as well leave your window open with a clear view to the painting on the wall pulled back to reveal your open wall safe. Choose something you haven’t talked about everywhere on social media – crooks are lurking and watching.

Factor #2: Something you have

This is a physical item. It is the same type of security feature used for entering and moving around facilities: a physical cryptographic token, such as a card you swipe to gain access. This factor can also be provided behind the scenes by a digital certificate installed within the computer to allow the user access to the VPN. The user usually doesn’t even know it’s there.

Something else you may have is a smartphone and the code the MFA sent to it, which you then type in.

The Third Factor: Something you are

Biometrics use thumbprints or fingerprints, retinal scans, voice, even facial recognition, etc. They scan part of you to determine that you are you.

Note that any good Managed IT Services provider should be able to install the hardware and software for factors 2 and 3. You should not need a separate vendor for this – any more than you would need one for closed-circuit camera surveillance and a feed to your computer – your IT support should also be able to install these devices.

Overview:

The simple password-based logons are weak in the face of today’s cyber threats – especially if the passwords themselves are weak. Criminals spend a lot of time searching for companies and identifying vulnerable spots, and one crook doesn’t do all the work. There are people who are just researchers – finding key personnel, looking through their social media for information, and sending out test phishing emails to see who opens them.

The criminal that attacks your system can buy blocks of information on the dark web with valuable information that helps them to breach your system or infect you with Ransomware. The community of cyber crooks has echelons and is extremely dedicated to turning your money or data into theirs.

Frequently Asked Questions

Q: What is the difference between 2FA and MFA?

A: MFA uses multiple levels of authentication (such as all three types). 2FA requires only 2 – generally a password and an identifying question. MFA is a much stronger login protection.

Q: What is the most commonly used password?

A: The most common is ‘password’. Seriously. It is also the weakest.
That is according to NordPass, who also round up the rest of the Top 5 most common and least effective passwords of 2022:
2) 123456
3) 123456789
4) guest
5) qwerty

It typically takes a hacker one second or less to break these, and “VOILA!”: The gypsies are in the palace. If you are using any of these (and the next 5 most commonly used passwords are no better), take the time to up your password game. Firewalls and Anti-Virus (AV) are as weak as your home’s front door if you leave your spare key under the welcome mat. Use STRONG passwords!

Q: What is a strong password example?

A: One very good practice is to create a sentence about your life, then use only the first letter of each word. Intersperse symbols, numbers, lower- and upper-case characters. Some fairly common ways are to use @ for the letter ‘a’, $ or the number 5 for ‘S’, & for 8 or the number 0 for the letter ‘O’ - or vice versa for any of those. Create simple rules for yourself, like the letter O will always be a zero (0), and a zero will always be a lower-case letter ‘o’.

Using that methodology, here’s a good example: “I married my loving wife (or husband) on August 23, 2008, in Santa Monica California” becomes “ImMLw0&23o&i5Mc”. It looks like gibberish, but if you set your own rules, as described above, and follow them, it will become child’s play to create them and remember them.

Test your password. This is a handy site: PasswordMonster – try your passwords out and see how long it would take to crack them.
The worst, ‘password’, would take ‘0 seconds to crack’.
The example above, ‘ImMLw0&23o&i5Mc’, would take ‘9 Trillion Years’ to crack. Most crooks won’t wait that long…

One key thing to have when juggling different, hard-to-break passwords is a good Password Manager app. It holds all your passwords and will apply them with a click. The only password you have to remember is that of the Password Manager.
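
The top-5 list and the substitution rules from the two answers above, turned into a screening check, as an added example that is not from the original article. It goes slightly beyond the text by also catching a common password with digits or symbols tacked on; the function names and the 12-character minimum are assumptions.

```python
import string

# Top 5 as quoted in the article (NordPass, 2022); a real list is far larger.
COMMON = ["password", "123456", "123456789", "guest", "qwerty"]

# The article's look-alike swaps, mapped back to one canonical character.
CANON = str.maketrans({"@": "a", "$": "s", "5": "s", "0": "o", "&": "8"})

MIN_LENGTH = 12  # assumed policy value, not from the article


def normalise(pw: str) -> str:
    """Lower-case and undo the swaps so 'P@$$w0rd' compares as 'password'."""
    return pw.lower().translate(CANON)


# Both sides of the comparison go through normalise(), so '123456' still matches.
_DENY = {normalise(p) for p in COMMON}


def screen(pw: str) -> list[str]:
    """Return the reasons to reject pw; an empty list means it passes."""
    reasons = []
    if len(pw) < MIN_LENGTH:
        reasons.append("too short")
    # Drop trailing digits and symbols before normalising: 'Qwerty2022!!'.
    core = pw.lower().rstrip(string.digits + string.punctuation)
    if normalise(pw) in _DENY:
        reasons.append("common password")
    elif normalise(core) in _DENY:
        reasons.append("common password plus suffix")
    return reasons
```

Swapping characters inside a common word does not get past this check, while the sentence-derived example passes; the normalisation step is the part that carries over to a full-size denylist.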

Q: What does a password generator do?

A: It is a tool that creates very strong, unpredictable passwords based on your input. As these passwords are not generally second nature for you to remember, a password manager can come in very handy.

Q: What is the purpose of a password manager?

A: For users juggling a lot of different and complex passwords, a password manager stores them all securely. The only password you would need to remember is the one for the password manager itself.
This can also be used on smartphones.

Q: Is Captcha considered MFA?

A: NO. Captcha is just a way for websites to keep Bots out. It does not figure into MFA.

How Secure is your network?

Also, as a longstanding, reputable member of the Charlotte IT Support community, ITFirm.com offers a FREE, no-risk network and Cybersecurity assessment. We perform a non-intrusive scan that allows us to deliver a comprehensive report of the state of your system and its vulnerabilities that is yours to keep. There are no strings attached, and you are under no obligation to ever use our Managed IT Services.

The two best defenses are next-generation Cybersecurity to protect your data from theft, and a top-notch Managed Services Provider to ensure continued reliability and defenses against newly emerging threats.

We put our 100% Money Back Guarantee in writing, so there is no risk in trying us out. Because we do not require a ‘hard’ contract, our clients can fire us at any time with 30 days’ notice. We have to be good.
