• Home
  • News
  • Big Data & Analytics
  • DevOps
  • Security
  • GDPR
  • AI & ML
  • Women in Tech
  • Cloud & Infrastructure
  • CIO
  • Deskflix
  • Events
  • Whitepapers
  • Spotlights
  • IT Leaders 250
  • Research
  • Delta
  • Tech Marketing Hub
  • About Us
  • Newsletters
  • Sign in
  •  
      • Newsletters
      • Account details
      • Contact support
      • Sign out
     
     
    • You are currently accessing Computing via your Enterprise account.

      If you already have an account please use the link below to sign in.

      If you have any problems with your access or would like to request an individual access account please contact our customer service team.

      Phone: +44 (0) 1858 438800

      Email: customerservices@incisivemedia.com

      • Sign in
     
  • Follow us
    • Twitter
    • LinkedIn
    • Newsletters
    • Facebook
    • YouTube
  • Register
  • Events
    • Upcoming events
      event logo
      Deskflix Financial Services

      oin us for this episode of Deskflix to hear from industry experts and peers on their 2020 best practices, what they’ve learnt for 2021 and how they plan to overcome the next wave of disruption.

      • Date: 03 Mar 2021
      event logo
      Good listeners: Why conversational interfaces are now a must-have

      This webinar, featuring dedicated research, will explore how conversational interfaces can add value to your digital initiatives today. We discuss the benefits of putting the AI to work and the value of the conversational channel itself.

      • Date: 17 Mar 2021
      • Virtual Event,
      event logo
      Deskflix IT Leader's Summit

      Six months on from our inaugural IT Leaders’ Festival, Deskflix IT Leaders’ Summit is a chance to take stock and reflect on the first quarter of 2021. How did you overcome the obstacles of 2020? Was progression as expected? What were your biggest threats and biggest growth opportunities?

      • Date: 24 Mar 2021
      event logo
      AI & Machine Learning Awards 2021

      The Computing AI & Machine Learning Awards recognise the best companies, individuals, and projects in the AI space today. The awards cover every corner of the industry: security, ethics, data analysis, innovation and more, as well as showcasing the movers and shakers: the technology heroes and projects that deserve industry-wide praise. The winners will be announced in London on 1 July 2020. Entries are now open!

      • Date: 09 Jun 2021
      • TBC, London
      View all events
  • Whitepapers
    • LATEST WHITEPAPERS
      Darktrace 120x194
      Cyber AI Response: Threat Report 2019

      This white paper details 7 case studies of attacks that were intercepted and neutralised by Darktrace cyber defense AI, including a zero-day trojan in a manufacturing company's network. Learn how Darktrace Antigena AI Response modules fight back autonomously, no matter where a threat may emerge, extending to the Cloud, Email and SaaS.

      Download
      Darktrace 120x194
      Cyber AI & Darktrace Cloud

      This white paper explores how cloud is a security blind spot for many organisations who struggle with the limited visibility and control in this new environment, where their existing security tools are often not applicable.

      Download
      Find whitepapers
      Search by title or subject area
      View all whitepapers
  • Spotlights
    • Spotlights

      Welcome to Computing's Spotlight section, where we focus in on particularly important themes and topics of enterprise IT.

      Intel logo

       

      Endpoint Management and Security Hub

  • IT Leaders 250
  • Research
  • Delta
  • Tech Marketing Hub
  • About Us
Computing
Computing
  • Home
  • News
  • Big Data & Analytics
  • DevOps
  • Security
  • GDPR
  • AI & ML
  • Women in Tech
  • Cloud & Infrastructure
  • CIO
  • Deskflix
 
    • Newsletters
    • Account details
    • Contact support
    • Sign out
 
 
  • You are currently accessing Computing via your Enterprise account.

    If you already have an account please use the link below to sign in.

    If you have any problems with your access or would like to request an individual access account please contact our customer service team.

    Phone: +44 (0) 1858 438800

    Email: customerservices@incisivemedia.com

    • Sign in
 
  • Security

Partner Insight: Home working: the need for multi-factor security

Partner Insight: Home working: the need for multi-factor security
  • Computing Staff
  • 07 August 2020
  • Tweet  
  • Facebook  
  • LinkedIn  
  • Send to  
0 Comments

During the months of lockdown and widespread uncertainty, it can be easy for unwary staff to fall victim to data breaches. Convincing scams and malicious links are rife, some linked to health or finance issues that prey on people's hopes and fears.

Computer viruses and malware can lurk in IT systems for long periods dormant and undetected, while crypto-jacking tools can do something just as insidious and costly: covertly use the organisation's processors and electricity to make money for others.

 

The home working risk

At the same time, the dispersed nature of most teams at present means that some home workers may be taking security risks of their own without realising it: sharing devices with family members, using unsecured WiFi connections, ‘shadow' IT, or unsanctioned apps within their departments.

Like the IT functions of a much earlier age, many organisations have had to ‘make do and mend' during the COVID-19 crisis, feeling their way into this world of home working at unprecedented scale.

Others may have found that their corporate laptops or operating systems are out of date, and so are unable to run recent apps for online collaboration and videoconferencing - increasing costs for the organisation as upgrades are forced on them just to keep business ticking over.

 

Supporting the team

Even those companies that had factored remote, agile working into their corporate strategies are likely to have found themselves ill prepared for up to 100 percent of staff doing their jobs away from the office for months on end. For many CIOs and IT leaders, supporting this level of remote access as the senior responsible owner and protector of the organisation's data has been a significant challenge.

A Verizon report in 2015 found that over 50 percent of data breaches were due to lost login details, passwords, and other credentials. Other surveys have found that many people still use weak, guessable passwords, while some use the same strong password across dozens of different services to avoid having to remember multiple identities.

In the latter case, a successful hack of an online repository could reveal those details to organised criminals; there is a healthy trade in stolen credentials on hackers' forums.

 

Don't make it easy for them

The ease with which a criminal or opportunistic hacker could assume an employee's identity is just one part of the problem, particularly if home workers are using insecure smart-home devices that give attackers an easy route into the domestic network - and from there into the corporate one.

Other techniques, such as phishing or spear-phishing, aim to trick people into divulging their details, while ransomware locks up devices and data, forcing people to make cryptocurrency payments.

 

The multi-factor solution

In our private lives, most of us expect strict levels of security from the apps and platforms we use for sensitive tasks, such as online banking, so it's reasonable to expect similar precautions when logging on to corporate networks and applications. After all under GDPR and the Data Protection Act 2018, the penalties for not securing private data can be severe, while the damage to reputations can be long lasting.

All of these threats are why the simple ‘user name plus password' approach to security is no longer deemed sufficient by sensible organisations. Multi-factor authentication (MFA) is essential. Such techniques are particularly effective when deployed at hardware level, and they have the additional advantage of negating the need for passwords at all, which makes the hacker's task much harder.

Amongst the multiple elements that can be triggered or demanded by MFA include a personal identification number known only to the user, a unique code sent by text to the user's registered phone number, or even a biometric identifier, such as a fingerprint. In most cases, it's highly unlikely that a hacker would have access to each of these identifiers.

The greater the number of factors included at the checkpoint or security gate, the greater the assurance that the person is who they say they are and so should have authorised access to the device, application, network, and/or data.

One feature that would be particularly beneficial in a home-working scenario is presence detection and/or a timed lock-out, so if a user leaves their device logged in but is away from their machine, or inactive for an extended period, they can be disconnected from the resource.

By making security a more seamless and less inhibiting experience for the user - and for the IT support team - organisations can enhance the user experience of their employees whilst making them more secure at the same time.

To learn more about how the Intel vPro® Platform supports MFA, click here

  • Tweet  
  • Facebook  
  • LinkedIn  
  • Send to  
  • Topics
  • Security
  • VPro Hub

More on Security

Use these tips to stay safe online - in the pandemic and beyond
Here's how to stay safe online - in the pandemic and beyond

The coronavirus pandemic threw working lives into disarray, but we cannot afford to sacrifice security for convenience

  • Security
  • 22 February 2021
Thank Zuck it's Friday #3
Thank Zuck it's Friday #3 - Data adequacy, Darktrace and 'spy pixels'

Join the Computing team for episode three of the podcast that gives you the lowdown on the hottest tech news of the week

  • Privacy
  • 19 February 2021
North Korea targets Pfizer in vaccine hack
North Korea targets Pfizer in vaccine hack

South Korean intelligence says the attack was probably meant to raise money for its poorer northern neighbour

  • Security
  • 16 February 2021
The latest Computing podcast is here!
Computing Podcast Episode 2 - AI in Security, Favicon hacks and Multi Cloud

The Computing team expertly dissects the week's news, including the latest research on the top vendors in AI-enhanced security, how Favicons can be used to track you online, and whether Multi-Cloud is set to take over the world

  • Security
  • 12 February 2021
The UK Cyber Security Council will work to help people across the skills gap
UK Cyber Security Council will oversee security education and training

The UK Cyber Security Council will work with training providers to accredit courses on cyber security

  • Security
  • 10 February 2021
blog comments powered by Disqus
Back to Top

Most read

'Silver Sparrow' malware infects about 30,000 Macs worldwide
'Silver Sparrow' malware infects about 30,000 Macs worldwide
NHS faces legal challenge over Palantir contract
NHS faces legal challenge over Palantir contract
Google fires AI ethics lead Margaret Mitchell
Google fires AI ethics lead Margaret Mitchell
How advanced analytics and ML will drive your business into pole position
How advanced analytics and ML will drive your business into pole position
UK tech jobs surpass pre-pandemic levels, despite rising unemployment
UK tech jobs surpass pre-pandemic levels, despite rising unemployment
  • Contact
  • Delta
  • Marketing solutions
  • Enterprise IT Events
  • Incisive Media
  • Terms & conditions
  • Policies
  • Careers
  • Twitter
  • LinkedIn
  • Newsletters
  • Facebook
  • YouTube

im_logo

© Incisive Business Media (IP) Limited, Published by Incisive Business Media Limited, New London House, 172 Drury Lane, London WC2B 5QR, registered in England and Wales with company registration numbers 09177174 & 09178013

Digital publisher of the year
Digital publisher of the year 2010, 2013, 2016 & 2017
Loading