A recent report, Cyber Criminals, College Credentials, and the Dark Web from Digital Citizens Alliance (DCA), confirms what has long been feared: The problem of hackers stealing the usernames, passwords, and personal information of students and faculty from colleges and universities and selling this information on the dark web is greater than most realized.

In part 1 of our MFA 101 series, we talked about what multi factor authentication is and many of the common terms and factor types. Now that we’ve covered the basics of multi factor authentication, it’s important to consider the WHY. As in, what motivates an organization to implement multi factor authentication?

Multi factor Authentication (MFA) is an extremely hot topic among enterprises, education organizations, and consumers alike. Almost daily, we hear about a data breach being discovered in the news. Often, the response to such an intrusion is for the impacted users to change their passwords and enable some type of multi factor authentication on their accounts.

In 2017, ransomware, the use of weaponized encryption to block access to a computer system or service until a ransom is paid, is all the rage among hackers. In fact, ransomware is now one of the top three most common malware threats.

The situation is dire, with hackers requesting ransoms of up to $73,000 per attack. Ransomware payments totaled more than $1 billion in 2016, a massive jump from the mere $34 million paid in 2015.

Now that your C-suite understands your company’s information security program, it’s time to move further into the educational phase.

As you evaluate and prioritize the risks your organization faces, identity and access management (IAM) should become a clearer and clearer priority. To help you educate your CEO on the need for increased investment in modern IAM solutions, here is some key IAM terminology that you can use as you work to transition your company to a more modern strategy.  

Upgrade now for new report templates, password alternatives for Chromebooks, and remote start-ups, logins, and shutdowns.

We are very excited to announce the latest releases of RapidIdentity 4.2 and RapidIdentity MFA 4.8 (formerly 2FA ONE) and want to share the details of the new capabilities available to those who choose to upgrade.

By now, we should all be aware of the inadequacies of passwords. Breach after breach, it's been made painfully clear that single-factor authentication is not enough. But when the traditional means of authentication are so clearly flawed, what’s the next step?

Generally speaking, the best practice is to step-up your security with either two-factor or multi-factor authentication. As these standards have quickly become essential parts of the information security toolkit, they've also become top-of-mind considerations for many IT and security pros.

Eliminating or reducing the number of passwords in the enterprise remains a top focus of management and security professionals alike. While single sign-on technologies, such as password managers, identity federation, and operating system-based technologies, that reduce and simplify the number of passwords have been in use for years, the number of passwords and emerging technologies to address the problem has also increased.

Intruders Thrive on Complacency.

When it comes to the threat landscape, nothing makes information security teams shudder more than complacent users, whether they be employees, partners, vendors, or customers. Yearly security and awareness trainings have become all the rage (rightly so), helping to check off boxes on company compliance audits. However, all too often, new users or even seasoned veterans can be caught off-guard and open the door to evildoers.  

Compliance with the Payment Card Industry Data Security Standard (PCI-DSS) alone does not ensure security against data breaches and stolen payment card records. Even the PCI-DSS website defines the standard’s priorities as helping: