Compromised credentials give the bad guys access to your data. Attackers use a legitimate username and password to initially obtain access and then escalate privileges in order to access increasingly valuable data. Relying on old-school authentication methods gives the bad guys a helping hand.
There seems to be no end to the news of large-scale data breaches. And, while the majority of these incidents highlight the loss of customer data, there is also a risk to both internal corporate data and employee data. Employee data loss doesn’t just impact the employee; it can also cause measurable harm to the employer. In 2017, UK-based Morrisons Supermarkets was found liable by a court after a former senior auditor for the retailer posted the payroll data of nearly 100,000 staff online.
Thousands of the staff will now be allowed to lodge compensation claims. There’s no shortage to the data that needs protecting.
A snapshot of current authentication practices
Organizations and individual users turn to authentication solutions to protect data and identify. Authentication solutions have three components: knowledge (what a user knows, such as a password or an answer to a security question), possession (what a user has, such as a hardware key or a smartphone), and inherence (something the user is, such as a fingerprint). Continue reading on CSO.