Page 101 - Cyber Defense eMagazine January 2023
Conclusions
Every company, organization, or institution that cares about data security must move away from using
weak and selectively used forms of user identification and switch to techniques that can successfully
withstand phishing and social engineering attacks.
- The weakness of the push-based 2FA is definitely that the user experience of receiving pop-up
messages can make someone finally agree to them and finally click "allow" without giving much thought
to what he or she is really accepting - says Tomasz Kowalski, CEO of Secfense, the company that
developed the User Access Security Broker, a technology that allows for the quick, no-code
implementation of FIDO2 authentication on any application.
FIDO2 authentication is an open authentication standard developed by the FIDO Alliance and is known to
be the only authentication method that is truly resistant to phishing and social engineering.
- Of course, push notifications are better than nothing. Even old-school SMS protection is better than
“just” passwords - Tomasz adds. - However, organizations need to ask themselves whether they want to get
slightly better protection than passwords or would rather walk away from passwords and replace them
globally with FIDO2. With the FIDO2 standard available to anyone, organizations do not need to use
half-measures but can instead reach for something that can allow them to forget about the “password problem”
once and for all.
The Layered, Onion Approach
The best approach to building security in a company is to build it on the so-called onion model, that is, in
layers. There is no technology, producer, or integrator in the world that will be able to protect against all
possible threats.
However, data security performance can be maximized by following the guidelines of the zero-trust
security model and by using multi-factor authentication (MFA) on all applications and access points in
the organization. Importantly, the MFA must be based on FIDO2, a modern authentication standard
that uses face or fingerprint biometric recognition to log in.
FIDO2, the safest way to log in to the future
And why FIDO2? Because it is a real revolution in terms of authentication and online security. This open
standard - thanks to which every service on the Internet can be secured with the use of cryptography - is
fully resistant to phishing and theft of logins and passwords.
FIDO2 allows you to use cryptographic keys but also devices that we always have with us, such as
laptops with a built-in camera with Windows Hello in place or smartphones with face recognition or a
fingerprint reader.