Layered Security – Two locks are better than one

Redundant security has been a tried and true method of decreasing or deterring breaches for hundreds of years.

The Romans did it. Their forts were never guarded by just a single soldier. There would be at least two soldiers per wall, or more depending on the size of the structure being guarded. Fast forward a bit to the banks of the 18th and 19th centuries. Money was held in a locked safe that was kept in a locked cage that was surrounded by a locked building. Now fast forward even further to today. Some of our most precious and sensitive data is behind a digital wall being guarded by a single lock. How secure does that seem to you?

That single security layer needs reinforcing significantly, especially noting the recent and common hacking and ransomware attacks around the world affecting major companies

Multi-factor authentication (MFA), two-factor authentication (2FA), or the use of secondary verification systems after a password has been entered, has been around for a while now. If you have ever worked in the enterprise space, you may have at one point or another been issued a token (most likely an RSA token) which will remotely generate a code that will grant you access to your company’s network. It’s very similar to what banks give out to their personal and business online banking customers. That is on top of your usual login password. The mainstream was exposed to 2FA when Google launched its Authenticator app which utilised a multi-factor authentication system called 2-Step Verification to heighten security for its Google accounts.

The pace at which cyber criminals are evolving is staggering at times. Just when the security community has isolated a cyber security threat, more complex cyber attacks organically grown from previous threats begin. Take Office 365 for example. Microsoft now offers its flagship suite of products on a whole host of operating platforms. Desktops, tablets, smartphones and phablets, can all access Office 365. For added convenience multiple people can easily access and edit the same document in real time. This is great but remember that cyber criminals also benefit from this ease of use and access. All they have to do is get past a single gatekeeper and they obtain access to your data.

After noticing a significant amount of client accounts easily being breached by hackers and fraudsters using phishing or direct hacks, Microsoft launched multi-factor authentication, called Azure Multi-Factor Auth.

Integrated into the Office 365 suite, once setup and enabled, azure multi-factor auth will require a user to enter their office 365 username and password but will then be given one of several options to process their verification:

Phone Call
Through a command-prompt and question sequence an automated voice message will verify the user’s identity.

Text Message
Same process as a phone call, but through SMS messaging.

Mobile App Notification
Receive a notification through Microsoft’s Azure Authenticator app.

Mobile App Verification Code
Enter a code through the native mobile app.

3rd Party OATH Tokens
A physical random key generator which is similar to the RSA tokens used in the enterprise space.

In today’s high-paced, “I want it now”, high-consumption society, it is easy to see why so many people may sneer at the notion of having to enter a second password. But they do so at their own peril. If you think about it, layering is not a foreign concept to humans. If it gets cold, we add another layer of clothing. If we get into a car with air bags, we still put on our seat belts. Most houses not only have a lock on the door but a deadbolt and an alarm system as well. Some even have CCTV! Layering provides a feeling of safety as well as enabling proactive security measures and we should treat our digital property in the same regards.

duo security

MFA and 2FA is already being delivered and supported by Microsoft, Google, Dropbox as well as many other third party software companies like Duo Security which can protect Remote Desktop Connections, Terminal Servers and even Content Management Systems with Two-Factor Authentication. Multi-factor authentication will soon not only be an absolutely necessity, but a cross-industry security standard.

Morris - Morris Treger

Great service!

Jane - Blackjack's Mill Ltd

Problem sorted thanks to Mohammad :)

Laurence - Silva Timber Products Ltd

Quick and easy as everything was done for me.

Petra - Chelsea Psychology Clinic

The guy who helped me was very polite and patient. Also helped me resolve my issue quickly.

Sangita - Banana Tree

Excellent service - Thank You!

Tony - Minerva MC

I was contacted within a few minutes of reporting the issue and within 30 minutes all was sorted. I\'m not totally IT literate but Mohammad was patient and explained everything simply.

Fran - FMC Ltd

I had an issue with Spam email that Mohammed dealt with speedily and efficiently.

Paul - Silva Timber Ltd

Quick service, e-mailed and someone phoned me back within 15 minutes.

Andy - Adams Mitchell

Very quick response, cleared issue very quickly.