Page 101 - Cyber Defense eMagazine January 2023

Conclusions

            Every company, organization, or institution that cares about data security must move away from using
            weak and selectively used forms of user identification and switch to techniques that can successfully
            withstand phishing and social engineering attacks.

            - The weakness of the push-based 2FA is definitely that the user experience of receiving pop-up
            messages can make someone finally agree to them and finally click "allow" without giving much thought
            to what he or she is really accepting - says Tomasz Kowalski, CEO of Secfense, the company that
            developed the User Access Security Broker, technology that allows for the quick and no-code
            implementation of FIDO2 authentication on any application.

            FIDO2 authentication is an open authentication standard developed by the FIDO Alliance and is known to
            be the only authentication method that is truly resistant to phishing and social engineering.

            - Of course, push notifications are better than nothing. Even old-school SMS protection is better than
            “just” passwords - Tomasz adds. - However, organizations need to ask themselves whether they want to get
            slightly better protection than passwords or would rather walk away from passwords and replace them
            globally with FIDO2. With the FIDO2 standard available to anyone, organizations do not need to use
            half-measures but can instead reach for something that can allow them to forget about the “password problem”
            once and for all.



            The Layered, Onion Approach

            The best approach to building security in a company is to build it on the so-called onion model, that is,
            in layers. There is no technology, producer, or integrator in the world that will be able to protect against all
            possible threats.


            However, data security performance can be maximized by following the guidelines of the zero-trust
            security model and by using multi-factor authentication (MFA) on all applications and access points in
            the organization. Importantly, the MFA must be based on FIDO2, a modern authentication standard
            that uses face or fingerprint biometric recognition to log in.



            FIDO2, the safest way to log in to the future


            And why FIDO2? Because it is a real revolution in terms of authentication and online security. This open
            standard - thanks to which every service on the Internet can be secured with the use of cryptography - is
            fully resistant to phishing and theft of logins and passwords.

            FIDO2 allows you to use cryptographic keys but also devices that we always have with us, such as
            laptops with a built-in camera with Windows Hello in place or smartphones with face recognition or a
            fingerprint reader.






            Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.