How much time accumulated over a year – multiplied by the number of employees and the frequency with which security codes are updated … and so on – do you think a company spends logins and passwords? Both in terms of security and time, this myriad of passwords and their necessary updating hamper productivity and incur significant operational costs for companies.
We generate a huge amount of sensitive data on a daily basis. By ordering online, by connecting to our company or by using our mobile phone for example…
Do you think this data is protected? Well, according to a survey conducted in February 2020 by the Yubico company:
Human reaction, we adopt behaviors aimed at finding workarounds to simplify our lives, to the detriment of our IT security and the protection of our personal data.
The result is the opposite of the very reason passwords exist: to provide us with more protection. Find the mistake…
And all of that data needs to be protected with specific, strong, multiple passwords. Now, who has – here again – never succumbed to the temptation to use the same password on different sites or servers? To the delight of hackers who, with one and the same key, can open many Alibaba caves…
Our brains are simply not made to remember so much information “by rote”. In the end, either we forget it or we notice it … “Safe” solutions such as LastPass (allowing all our passwords to be stored in one place) can then prove to be very useful, but they remain workarounds. The problem is not being addressed at the source.
Thanks to multi-factor authentication (MFA), we can already connect to a computer tool using at least two successive methods to verify our identity:
Several MFA solutions exist on the market. I am thinking in particular of Google Authenticator. Once you have entered a password, you will receive a message on your smartphone to confirm that it is you who is trying to authenticate yourself. Same thing when your bank sends you an SMS to validate an online purchase.
At the scale of an enterprise, the solution lies elsewhere: completely eliminate the use of passwords while maintaining a strong level of security.
Secret Double Octopus, from the eponymous company, allows you, at the office or from home, to access your company’s resources with an MFA solution that offers a reliable and qualitative user experience, whether by connecting with a Windows machine, a Mac or a thin client (Citrix, VMware Horizon). Based on a robust and secure protocol, this solution can be integrated into a whole set of websites and cloud solutions (Azure, Amazon AWS, etc.) that can be offered by your company since it is based on standards used by lots of editors.
Concretely, when you start your computer for a new working day, you are usually asked for your login and password. Here you receive a notification directly on your phone (something you own) asking you to validate that you are accessing your computer. You then use your fingerprint (something that you are) to be able to start working.
No need to remember a password! And whether you work face-to-face or remotely, you benefit from the same “user experience”.
More pleasant for users, less restrictive for IT support services and more beneficial for managers … The Secret Double Octopus solution has, I believe, not finished talking about it.