Pro IT Services: Professional - Proactive - Proficient

PG&E Public Safety Power Shutoff is scheduled for Wednesday, October 9th at 4 AM for much of Northern California. For planning purposes, PG&E suggests customers prepare for outages that could last several days. Please take appropriate actions to ensure the safety of your systems if you are in a targeted shutdown area. See if your area is affected here...

Looking at USB/NFC Keys for Extra Account Security

August 1st, 2017 by admin

Hijacked accounts are an IT security nightmare, so it makes sense for your company to look at new technology for better ways to keep your digital assets safe. While security professionals are working out new ways to look at what account credentials are, sometimes with mixed results like with Samsung's iris-scanner:  it's clear that the username/password system alone isn't enough anymore. According to PC World, a new device-based authentication key called "YubiKey" plugs countless security holes by requiring the connecting of a physical device to a computer or smartphone to access accounts.

White security icon spotlighted on a dark field of colorized programming code

Increased Security, Tougher to Crack with YubiKey

The authentication device solution owes its lineage to the 2-step verification system, which forces the user trying to access the account to enter a time-sensitive key sent to the user through a secondary device to access an account. Usually, to save effort, these systems flag a device as allowed after a one-time authentication. The YubiKey changes that requirement so that the access key device needs to be physically connected to the device accessing the account: disconnecting the device means logging out of the account. This offers increased security because it prevents people from accessing accounts on stolen, authenticated devices and prevents anyone else from being able to use the account at the same time as the key holder.

Avoiding the SMS Pitfall

Physical authentication devices do not need to transmit a key to the user, only send the key to the site hosting the account which makes them much more secure. In 2016, hackers found a way to intercept 2-Factor authentication system messages sent over SMS text-messaging, which put a huge dent in the method's dependability. Hackers strike businesses incredibly frequently, so any way that your company can stay ahead of them helps.

USB is the Standard-Bearer, NFC is Forward-Thinking

The biggest problem many new security methods face stems from cross-device compatibility. If the authentication device won't work with a person's computer, phone, or other devices, it's not going to be widely used. However, the YubiKey works around this problem by being compatible with both the USB ports devices have been using since 1994 and NFC found in many newer devices that may lack a USB port. Supporting standards like USB and NFC eliminates the most substantial barrier between the authentication device and the end-user.

However helpful devices like the YubiKey are, progress doesn't stop there. A similar device called "Token," which is a biometric token ring acts as an authentication device and can also require a fingerprint scan for additional protection. If your business is looking to take a step forward in IT securitycontact the experts at ATS today!

You might also want to read:

Tags: IT Consulting, IT Security, IT Support , IT, managed IT services

Posted in: Managed IT Services, Security

Categories

Archives