Hardware or software? Not all multifactor authentication solutions are created equal.SESadmin 05/10/2017 Research
Data security has again been in the media in the last couple of months, with the NHS and other major organisations being hit by the WannaCry Malware, and Deloitte being breached by apparently more straightforward means. Many have derided the victims for running out-of-date software, and blamed users for clicking on links they shouldn’t have. While I wouldn’t go as far as that – I sympathise with the legions affected by the Wannacry outages and those working to resolve the problems – there is an underlying lesson to be learnt from both events: To be truly effective, security has to be simple.
Users are human, they click links, they hit the wrong button, and frankly, most of the time they just want to get on with their jobs.
And it’s here that many systems fail. By focusing on the worst possible scenario, rather than stopping to consider the wider impact on day-to-day operations and usage, some security platforms may make you feel like Fort Knox, but if they’re making the lives of your admins or your end users more difficult, they’re failing to do their job and potentially just kicking the problem into the long grass.
Frustration leads to bad decisions and bad actions. If your admin’s overworked, patches and update don’t get done and warnings get missed, and if your users are forced to jump through hoops, they’ll find another way to get the job done – perhaps by downloading data to a personal device to circumvent those security hoops.
It’s easy to be paranoid – in fact, in our industry it’s healthy – but in a world where users expect ease of use to be built in to every device and programme they interact with, security must pay attention to usability if it is to truly integrate with the office environment.
We’ve all been there – trying to log in to that occasionally used bank account only to give up having failed to remember the three “memorable answers” or selected the wrong digit on the 8th drop-down menu on a page. We used to put up with it as a necessary evil, but technology – and our expectations – have evolved.
That’s why, over the past decade, SecurEnvoy have sought to help our clients make their businesses more secure while making their staff’s jobs easier.
Many end users probably won’t recognise our name because we don’t get in the way. After a simple but highly secure confirmation of their identity – no longer than a standard windows login – they’re up and running, with access to all the information and applications they need. They don’t even need to remember their passwords for third party application like salesforce – SecurEnvoy’s single sign on has done that for them, more securely than the standard interface.
I truly believe that the key to better security is better user experience and this philosophy is what has driven SecurEnvoy’s approach to multi-factor authentication for many years. That’s why our software enables our customers to identify end users using more authentication types than any other tool on the market, and why end-users and admins alike are such fans of ours. One of the recurring complaints we hear about old-fashioned hard-tokens such as RSA is the additional strain they place on IT Teams from an admin perspective, and how they complicate end-users’ access by forcing them to carry an additional device around with them.
If you’re thinking about implementing multi-factor authentication within your business, but aren’t quite sure where to start, take a look at our comparative guide – which considers how hardware tokens and software tokens fair when placed head-to-head.