NETWORK LOGIN SECURITY
It sounds like a simple concept as we have logged into computers at work for years. Why discuss it? The old combination of username and password is simply not sufficient any longer to safely secure the ultimate place where business data is accessed: the Windows desktop or laptop PC.
The pitfalls are numerous:
- leaving an old network account enabled after an employee departure
- not changing passwords on a regular basis
- making passwords too easy to guess or too hard to remember
- hackers or coworkers intercepting (or being willingly given!) a password
SOMETHING YOU HAVE, SOMETHING YOU KNOW
You eliminate risk by adding a second factor of authentication. In a multi-factor login system, network login is impossible without something you have and something you know.
The something you have is typically a keyfob or smart card that is plugged into the computer and the something you know is a password or PIN code. For Microsoft networks, Chortek uses and recommends Authlite software and Yubikey key fobs. This solution makes accessing any PC (or server) in the company require a USB keyfob and password, even disconnected from the network.
When your laptop is lost or stolen after Authlite and Yubikeys have been implemented, it still requires both factors of authentication, so it is much safer from unauthorized use. Lost Yubikey keyfobs are easily deactivated and replaced.
If your business has not implemented a multi-factor login solution, you cannot eliminate the risk of a password being acquired and used by an unauthorized person.
Let us know if we can help you achieve network security? Contact Mike Senkbeil, cybersecurity consultant.