High-profile security breaches top world headlines every day, and for good reason. The cost of a single corporate security breach averages $3.86 million. That’s not exactly chump change. Yet, despite the significant costs involved, both in dollars and reputational damage, many of these breaches could be prevented.
For years, we’ve known that authenticating with usernames and passwords alone is no longer sufficient security, especially for highly sensitive data and applications. However, some enterprises are continuing to play a risky game. In its most recent Data Breach Investigations Report, Verizon found that stolen or weak credentials are still causing a significant number of data breaches.
When you look at the costs involved, it should be an easy decision to add an additional authentication factor. Multi-factor authentication (MFA) is a proven security measure to reduce the risk of breach. And it doesn’t oppose convenience either. Users are becoming more accepting, even welcoming, of the additional security that comes with additional authentication, particularly when sensitive data is involved.
The industry trend is to utilize the user’s mobile phone as the second factor, because as we know all too well, it’s something that most people always have with them. A mobile app is called during the authentication or authorization to verify the user’s identity. The user completes login with either a swipe or by using the phone’s built in biometric features, like a fingerprint or facial scan. This creates a combined assurance of “what you have” and “what you are,” which is pretty cool and way more secure.