This week’s blog is about the Implementation, Best Practices, and Benefits of multi-factor authentication for working from home employees. Aside from being a trying time on its own, the pandemic period of 2020 also saw a massive uptick in cybercrime. With remote work and anywhere operations likely to stay in vogue for the foreseeable future, the attacks are expected to increase in both strength and ingenuity as new areas of vulnerabilities emerge and are exploited.
By being agile in adopting and deploying efficient security measures like MFA, you can help your business stay agile and competitive in a tight market. The use of multi-factor authentication is vital, as it ensures that information is only accessed by the intended person, making it harder for cybercriminals to steal. If user data is less tempting, cyber thieves will go for a different one. Multi-factor authentication is a blend of two different factors. One is usually the username and password, which is something the user knows.
Ambimat Electronics, with its experience of over forty years, desires to draw the attention of its readers and potential customers towards this blog post about their new product called AmbiSecure key and how it will benefit us.
Cyber Security best practices with the proliferation of employees working from home
The COVID pandemic caused a major paradigm shift in workplaces. With the surge in remote work, many employees have begun calling their basement and bedrooms home offices. During the onboarding process and authentication process, security experts had to devise protocols to meet new cybersecurity requirements. A year after the pandemic began, they continue to face challenges as some employees stay home and others return to work.
So, what accomplishment have employees achieved in the remote workplace? How safe has the workplace been over the last 15 months? To uncover some common trends, Yubico surveyed several employees (3006), business owners, and C-suite executives from medium-to-large companies, consisting of 250+ employees across the UK, France, and Germany who work from home and use work-issued devices.
Cybersecurity management went from bad to worse during the pandemic
Researchers found that poor cybersecurity habits that employees might have had before the pandemic became worse when they began working from home. It was also noted that many organizations were still behind in maintaining proper cybersecurity practices to deal with new challenges of hybrid workplaces, they were also far behind in filling the security gaps with strong cybersecurity technologies and latest authentication mechanism.
Let’s combine all data and begin with employees of surveyed countries:
- Lack of maintaining proper password hygiene was the major problem, it was estimated that about 54% of workers confessed to using the same password across multiple accounts. On the other
hand, 22% of workers admitted that they wrote down their password to avoid forgetting them. This included 41% of business owners and 32 C-level executives.
- One enterprise-wide problem is that about 42% employees use their work device for personal use. They survey reported that about 44% business owners and about 39% of C-level executives used they work device for working on personal task at home.
- Working from home is risky enough, but surprising 73% of respondents were confident in recognizing phishing attacks whereas 55% are more inclined toward cybersecurity while working from home.
What actions employees are taking
Almost 60% of respondents were of the opinion that IT department should handle all cybersecurity matters, and that they weren’t responsible for it. About 37% of employees working from home felt more support by IT than they did in physical work environment. Moreover, they also asserted of not having received any training in cybersecurity focusing on staying safe while working from home.
The survey revealed that organization (22%) have been slow to implement or grow their usage of multi-factor authentication due to the pandemic in all three countries. However, another study showed that MFA was the top cybersecurity technology being implemented (49% or respondent) while 75% of organization security staff planned on increasing MFA spending.
Keep everyone secure with cybersecurity best practices
An entire organization can be exposed to cyberattack or breach if just one employee fails to follow secure practices while working remotely. Let’s look into some cybersecurity practices for improving work from home policies:
- It is best to be conscious about employees’ practices and whether they are using work devices or mobile phones for personal use.
- Leadership should also follow a model behavior, as senior-level staff aren’t immune to bad practices.
- Hybrid and remote workers should understand the reality of vulnerabilities, including password management and phishing attacks. Therefore, employee training is must.
- A step towards stronger authentication is necessary through the use of hardware security keys, which works on both modern cloud-based and legacy, passwordless infrastructure.
Cybersecurity best practices with AmbiSecure
FIDO2 is a standard that simplifies and secures user authentication. It uses public-key cryptography to protect from phishing attacks and is the only phishing-proof factor available. Corporations around the world and across many sectors, including healthcare, can benefit from Fast Identity Online or Fast ID Online (FIDO) authentication, which their employees and users can use to minimize security risks, and improve overall user experience. The AmbiSecure key and card is FIDO certified which offers superior security by combining hardware-based authentication and public key cryptography to effectively defend against phishing attacks and eliminate account takeovers.
AmbiSecure helps organizations accelerate to a password-less future by providing FIDO2 protocol support. Not only does FIDO2 supports two-factor authentication, but also paves
the way for eliminating weak password authentication, with strong single-factor (passwordless) hardware-based authentication. The AmbiSecure provides a simple and intuitive authentication experience that users find easy to use, ensuring rapid adoption and organizational security. AmbiSecure key or card does not require a battery or network connectivity, making authentication always accessible.