Business technology can be better protected through an additional layer of security. On example is with a secondary login credential, something beyond just the username and password. This approach secures account access.
According to Dave Wager, CEO of Zix, boosting cybersecurity is a necessary step for any businesses. Attacks are increasingly common, including forms like phishing, social engineering and password brute-force attacks.
While businesses attempt to address this at the corporate level, outside of the actions of the corporate Information Technology function, there are steps that any employee, and indeed consumer, can take.
The first area is with password management, as Wager advises: “Individuals and businesses need to reflect on their current password practices and ensure they are building the safest habits to protect themselves and their company from cybercriminals.”
Yet passwords do not provide complete security, as Wager states: “Many are under the assumption that if they are taking the steps to create unique passwords for each platform and application, they are secure. But it’s not enough.”
In terms of what else is needed, Wager notes what he describes as a “critical need for safeguards across the entire company network.”
In terms of examples of best practices, Wager recommends: “While there are a few different ways to protect login credentials beyond a simple username and password, one of the most popular and effective options is two-factor authentication (2FA).”
Toi illustrate this: “Implementing 2FA provides an extra layer of security by making users confirm their identity, most often via a unique code sent to the user’s phone, email address or through an authenticator app, after entering their username and password.”
This approach is important, says Wager because: “It’s getting easier for cybercriminals to breach even the most complex password, which is why implementing 2FA is critical.”
Some areas of the business are more vulnerable than others. For instance, Wager says: “Email is a common point of attack because it often contains sensitive and valuable communications.”
For this reason: “Organizations should also consider implementing an email security solution that conducts a security audit to analyze its admins, users, mailboxes, and rules for vulnerabilities such as outdated passwords so they can be resolved before a breach happens.”
These measures can be implemented from a review of internal password policies and other security measures. In order to drive change, businesses should send reminders to employees and customers alike about the importance of good password and authentication control hygiene.
