Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Securing the network beyond passwords

Mike Mahurin, CISSP, CISM, CISA, a Design Architect with Alexander Open Systems | March 4, 2013
Passwords have been a weakness of network security since the development of computer networks. Through guessing weak passwords, exploiting weak passwords, acquiring passwords through social engineering, or more recently using malicious software like Advanced Persistent Threats (APT), attackers have focused on compromising passwords to gain access to the network.

Multi-factor authentication is another line of defense that can be implemented to protect authentication. While effective in reducing risk, most organizations limit multi-factor to external access to the network due to the cost of the technology and limited user acceptance of the technology.

Organizations should focus on deploying multi-factor authentication for systems that provide external access to sensitive applications or massive amounts of data. It should be remembered that no multi-factor authentication method is invincible, but is another tool to reduce risk.

Password authentication is a weakness that we will have to live with for the foreseeable future. But through defense-in-depth security architectures that address authentication as a holistic system of people, processes and technologies, a company's risk can be reduced. Reducing risk to a level that allows the organization to function in the most efficient way possible should be the goal of all network and security professions.

 

Previous Page  1  2  3 

Sign up for CIO Asia eNewsletters.