Security Fridays Week 28Michael Urgero 08/04/2021 Industry News
BYOD and MFA in the Workplace
In today’s modern world, full of Covid restrictions, more lockdowns and working from home, it’s more important than ever to feel assured that corporate assets and data are kept safe. In fact, many businesses have said that this might be the new normal for work, and maybe that’s not all that bad. After all, this work arrangement makes everyone happy; the company gets to save money on lease, utility costs and more – the employee gets to save on commute time, fuel and finally get’s some work-life balance out of their day.
All of these things come with risk. All-be-it, no real greater risk than we had before, but now we see it more clearly, so I guess that’s a good thing. Bringing Your Own Device (BYOD) to work has been around for quite some time, in fact, this blog is being written on my very own personal desktop computer device. So, we’re not exactly in uncharted territory here, or are we?
As we begin to see businesses migrate things to cloud based service providers, like AWS, Azure, SalesForce and Office 365, we’re often confronted with questions to the simple things, like how to make sure we protect our data. This is where Intelligent Multi-Factor Authentication comes in. BYOD solutions expected something of an intermittent use case. Meaning specifically, that solutions like this would be used by small pockets of workers, part of the time. The concept and idea behind it was to occasionally use a personal device for business use, but not necessarily on a full time basis. Needless to say, most companies managed this with more trust than technology. Today is different.
The pandemic has exposed something that we were certainly ready for, but just hadn’t fully committed to. Remote work on a full-time basis. Now, as we begin to venture down this path we all understand more clearly the risks associated with remote work, especially when using personal devices – that may be used part of the day for business and part of the day for personal things.
Intelligent Multi Factor Authentication protects our credentials by assuring that the person using them is us and only us. It’s more than a password and can include a variety of factors to confirm our identity. Most major systems have these today, like Office 365 but unfortunately many systems that are in our possession don’t. A standard Windows username and password, or even using Windows Hello can leave the data you have on your device, business data, vulnerable to attack and loss.
What we do to solve for this challenge is to provide Multi Factor Authentication for the Windows logon itself. Our Windows Logon Agent provides an additional layer of protection for the device directly and the important things within it. By protecting the main entry point of the system, we’ve dramatically reduced our exposure and risk. When used in concert with other standard security practices, like drive encryption, anti-virus, malware and ransomware protection you can feel confident that the things your employees are working on are battle tested.
It’s one thing to deal with a changing work environment, it’s another to make sure you do it safely.