by George Waller, a founder and the prior CEO of StrikeForce Technologies
BYOD is now one of the hottest discussion topics in just about every company. Do we or don’t we allow employees to bring their own devices and connect to our network? This discussion has IT security and privacy officers in heated battles against the executives, and rightfully so. It’s hard enough trying to secure your own networks from intruders, but trying to enforce that same level of security with a bunch of rogue computers that you don’t know anything about will keep you up at night.
If your company is planning on endorsing BYOD, there’s two technologies that you need to know about, Multi-Factor Out-of-Band Authentication and Anti-Keylogging Keystroke encryption software. Anything short of using the combination of these is essentially like daring the hacker community to breach you.
In an Out-of-Band Authentication environment the user credentials are sent via two different channels in real-time. The username is sent over the computer (IP), but the authorizing password or OTP is sent over something that the user has like a phone. The reason why it’s so safe is because only users have access to their phone, and if it rang and asked to authenticate into the company’s VPN and they are not actually doing that, they can deny the login authentication or transaction.
Multi-Factor Out-of-Band authentication is designed to authenticate individuals and employees and/or authorize transactions in real-time. Out-of-Band platforms can be integrated into many types of environments such as remote access (VPN), domain access, website access, risk-mitigation and transaction-based systems. Make sure that the Out-of-Band system can be installed both locally on-premises or accessed through a cloud service. Some systems also offer an authentication redundancy feature which minimizes password/device-related helpdesk calls by providing users a backup authentication method.
Keyloggers are now the top threat against businesses and consumers, according to a recent data breach study by Verizon. They record every keystroke you type into your computer and are common tools used by hackers to steal user names, passwords, personal and business information. The best anti-virus programs can only detect about 20% of keyloggers and new ones are being developed every day which are able to bypass detection completely. Anti-keylogging keystroke encryption software protects the user by encrypting each and every keystroke in real-time, preventing keyloggers from stealing any information typed into the computer.
BYOD is going to be a painful journey for most companies. Most likely we will fare better in the end for accepting it, but let’s not jump in without deploying best practices.
More at www.strikeforcetech.com