3 Security Solutions to Fight Data Breaches
We hear about them often: data breaches. They happen to Yahoo, Target, Uber, eBay, JPMorgan Chase, Equifax... the list can go on for pages. But what is a data breach? And how can we protect ourselves and our valuable personal data?
According to Microtrend, “A data breach occurs when a cybercriminal successfully infiltrates a data source and extracts sensitive information. This can be done physically by accessing a computer or network to steal local files or by bypassing network security remotely.”
Essentially, it’s when information you didn't want released is stolen. It could be from cyber hacking or it could be a physical inside job. So how is all this information being stolen when the applications we use, the companies we trust, and our computers all are loaded with security features to stop sensitive information from being shared? The answer is, while we depend on software, our biggest vulnerability is our password.
In Verizon’s 2015 report, it was discovered that 63% of confirmed data breaches involved leveraging weak, stolen or default passwords. A more recent Verizon report goes on to state that data breaches involving stolen or weak passwords increased to an alarming 81%. The increase suggests our accounts are becoming less secure, not more.
The trend is clear: static passwords are weak, outdated, and not up to the task of securing our information in the digital age. While we're eager to discover new and advanced software, our security know-how seems to be lacking. But this doesn't mean there aren't solutions. Here are three ways you can fight against data breaches:
#1: Make your password policies more complex
Implementing a complex password policy is a good start. Many applications and websites already have this to a degree: they require a minimum number of characters (10 or more), a mix of numbers and letters, or special characters. Requiring users to change their password every few months would also increase security. Implementing a policy is important since without one, many people will choose convenience over security and use the same easy password across multiple accounts. Complex password systems aren't foolproof, but they're a good first step. However, be prepared for the number of users who'll need a password reset after forgetting theirs.
#2: Add Two-Factor Authentication
If you want to add two-factor authentication (or 2FA), there are two great choices available:
- One-Time Password (OTP) Solutions
While OTPs have their vulnerabilities, they can stop most data breaches. In the case of a breach, the hacker only has a password that is valid for a short period of time, so their ability to use what they've stolen is limited. It’s best to choose a time-based OTP. 30-second and 60-second OTPs are the most popular. OTP apps or SMS OTPs are available to use directly on your phone, but for even better security, it's best to get hardware tokens, which aren't vulnerable to malware.
- FIDO U2F Security Keys
One of the best solutions in the market today is the FIDO U2F Security Key. These USB devices store a private key on their secure module, making it impossible for anyone to access your account without your key. Many password hacks could have been negated and billions of dollars saved by having employees simply sign in by inserting a security key. It's highly convenient, since it reduces reliance on complex passwords.
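The short validity window of a time-based OTP described above, as an added example that is not part of the original article: a standard-library Python sketch of RFC 6238 TOTP with a verifier that tolerates one step of clock drift and refuses a code that was already used. The function names, the drift setting and the sample secret (the RFC's published test key) are assumptions for illustration.

```python
import hashlib
import hmac
import struct

# Constructed sample: the published RFC 6238 test secret, not a real key.
SECRET = b"12345678901234567890"


def totp(secret: bytes, at: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1) for Unix time `at` and a `step`-second window."""
    counter = struct.pack(">Q", at // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def verify(secret, submitted, now, step=30, digits=6, drift=1, last_used=-1):
    """Return the matched time-step counter, or None if the code is rejected.

    Accepts +/- `drift` steps of clock skew. Counters <= `last_used` are
    skipped, so a captured code cannot be replayed inside its own window.
    """
    current = now // step
    matched = None
    for c in range(current - drift, current + drift + 1):
        if c < 0 or c <= last_used:
            continue
        expected = totp(secret, c * step, step, digits)
        if hmac.compare_digest(expected, submitted):
            matched = c
    return matched


def demo():
    """Issue a code at t=59s, then try it fresh, replayed, and two minutes late."""
    issued_at = 59
    code = totp(SECRET, issued_at)
    fresh = verify(SECRET, code, now=issued_at + 5)
    replay = verify(SECRET, code, now=issued_at + 5, last_used=fresh)
    stale = verify(SECRET, code, now=issued_at + 120)
    return code, fresh, replay, stale


if __name__ == "__main__":
    print(demo())
```

The server has to persist the returned counter per account and pass it back as `last_used`; without that, a code stays reusable until its window closes.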
#3: Biometric Authentication (Three-Factor Authentication)
Three-factor authentication includes the following:
- Something you know (password)
- Something you have (OTP or U2F Security Key)
- Something you are (fingerprint, retinal scan, etc.)
It’s expensive and takes time to set up, but nothing can compete with biometric authentication solutions. Using a fingerprint or retinal scan on top of a password and traditional 2FA ensures that no one's going to be breaching your data in the near future.