Page 8 - Cyber Warnings
P. 8
Multi-Factor Authentication and Mobile Devices
Smart Security Makes Life Easier for Users...and Harder for Hackers
by George Brostoff, CEO, SensibleVision
Security is as much about deterrence as prevention. From the highest-clearance government
servers to the halls of the Louvre, no security system is impenetrable to a sufficiently clever (and
motivated) criminal.
The key to proper security is not to make a system uncrackable, but to make it so time-
consuming and inconvenient to crack that the perpetrator will simply reassess and look
elsewhere.
After all, a burglar alarm won’t actually stop a criminal from invading your home, but knowing
that one is installed (or even a decoy sticker on the front door) may cause a robber to skip your
house in favor of one without the risk of the police getting a call.
And if you also have a guard dog or security camera, each additional layer or protection makes
the invasion that much more of a hassle and gives robbers yet another reason to look
elsewhere.
In the world of cybersecurity, this approach is called multi-factor authentication, and it relies
on one of the basic principles of a good defense: making systems more challenging and thus
less desirable to attack.
Why We Need to Change
Passwords and physical and virtual tokens provide multi-factor security, but traditional multi-
factor security can be frustrating for authentication on mobile devices. Several issues are forcing
security experts to seek new ways to protect users:
1. Mobile is in: Most people work on their personal devices at home and on the road more
than at a desktop in an (often secure) office. This makes more secure authentication
more critical than ever..
2. Users prefer simplicity: The more security steps users have to take, the more onerous
they will find the process and the more likely they are to skip one or more steps - or opt
out of the process entirely. And unlike desktops, users access mobile devices far more
frequently each day, virtually mandating a simple secure solution.
3. Traditional authentication solutions are geared for desktops and laptops: Asking
user to carry another token for their mobile device is just not practical. And as noted
above, a phone can be its own second factor.
8 Cyber Warnings E-Magazine – May 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
