Summary: As security breaches increase at alarming rates, businesses must improve their application security practices. Learn how 2-factor authentication can protect your applications against one of the most common security risks, and keep your company from a disaster.
2013 was a record-setting year. Just…not in a good way.
Did you realize that 2013 broke the previous all-time record for the number of exposed records caused by reported data breach incidents? The 2,164 incidents reported during 2013 exposed over 822 million records, nearly doubling the previous high mark set in 2011.
According to a recently released 2014 Data Breach Investigations Report, this year isn’t off to a great start either. Besides the widely publicized “Heartbleed” bug, we’re seeing a growing number of data breaches.
The leading cause of data breaches: Stolen credentials. Hackers steal login credentials and use them to access an application or system. For businesses, the results can be devastating. Hackers can steal confidential company information, customer credit card numbers, employee data, and more. To make matters worse, the negative press generated by such an attack can often surpass the damage done by the hackers themselves.
How to protect your applications
So, how can you protect your business web applications from this threat? While I could rattle off a long list of security best practices, here’s a great place to start: Implement 2-factor authentication in your sensitive web applications.
What is 2-factor authentication? Two-factor authentication adds a second level of security to an account login. As illustrated below, rather than identifying users with a single factor (user name/password), it adds a second identification factor to the login process–usually a PIN delivered via SMS to the user’s mobile device. Used in popular web services (like Gmail, Twitter, LinkedIn, etc.), two-factor authentication is designed to maintain security, even if a user’s login credentials are compromised.
How 2-factor authentication helps businesses
While businesses may not need 2-factor authentication on every single application, it’s a great way to protect sensitive business data or employee information. For example, here are a couple of ways 2-factor authentication can help secure your data:
- Require a PIN when accessing an account from a new computer
What happens when a hacker steals one of your employees’ login credentials? Without two-factor authentication, that hacker will easily access your system. However, a web application using 2-factor authentication can be set up to require a PIN any time a login attempt is made from an unrecognized device. Delivered to the employee’s verified mobile device, the PIN ensures that attackers can’t access the system using the stolen login credentials alone.
- Require a PIN for every login
For the most sensitive data, 2-factor authentication can even go a step further. For instance, companies often restrict sensitive data access to a few executives. If an internal employee (or corporate spy) steals an executive’s login credentials, sensitive corporate data could be compromised. To address this risk, applications using 2-factor authentication can be set up to require a PIN for every login attempt–ensuring that only the correct user can access the data.
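The two policies above (a PIN on an unrecognized device, or a PIN on every login) can be expressed in a small login gate. This is an added example, not code from the original article; the class name, the 6-digit PIN, the 5-minute validity, the 3-guess limit, the device token and the `send_pin` callback (a stand-in for SMS delivery) are all assumptions.

```python
import hashlib
import hmac
import secrets
import time

PIN_TTL_SECONDS = 300   # assumed validity window for a delivered PIN
MAX_PIN_ATTEMPTS = 3    # assumed number of guesses before the PIN is discarded

class TwoFactorGate:
    """Decides when a login needs a PIN and verifies it (illustrative names)."""

    def __init__(self, always_require=False, send_pin=None, clock=time.time):
        self.always_require = always_require  # True = "PIN for every login" policy
        self.send_pin = send_pin or (lambda user, pin: None)  # stand-in for SMS
        self.clock = clock
        self.known_devices = {}  # user -> set of digests of issued device tokens
        self.pending = {}        # user -> [pin digest, expiry time, guesses left]

    @staticmethod
    def _digest(value):
        return hashlib.sha256(value.encode()).hexdigest()  # fixed-length compare input

    def begin_login(self, user, password_ok, device_token):
        """Return 'denied', 'granted' or 'pin_required' after the password check."""
        if not password_ok:
            return "denied"
        known = self.known_devices.get(user, set())
        recognized = device_token is not None and self._digest(device_token) in known
        if recognized and not self.always_require:
            return "granted"
        pin = f"{secrets.randbelow(10**6):06d}"  # drawn from the OS CSPRNG
        self.pending[user] = [self._digest(pin), self.clock() + PIN_TTL_SECONDS, MAX_PIN_ATTEMPTS]
        self.send_pin(user, pin)
        return "pin_required"

    def verify_pin(self, user, pin):
        """Return a new device token if the PIN is correct, otherwise None."""
        entry = self.pending.get(user)
        if entry is None or self.clock() > entry[1] or entry[2] <= 0:
            self.pending.pop(user, None)  # no PIN, expired, or guess limit reached
            return None
        if not hmac.compare_digest(entry[0], self._digest(pin)):
            entry[2] -= 1                 # count the failed guess
            return None
        del self.pending[user]            # a PIN is valid for one use only
        token = secrets.token_urlsafe(32)
        self.known_devices.setdefault(user, set()).add(self._digest(token))
        return token
```

With `always_require=True` the returned device token no longer skips the PIN step, which is the stricter policy for the most sensitive data.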