The Human Vulnerability Factor

February 28, 2017
Damon Tepe

 

What does the biggest mistake in Oscar history have to do with security? The Human Vulnerability Factor

“To err is human” or “Everyone makes mistakes!” And it’s true! Regardless of whether Warren Beatty grabbed the wrong card for Best Picture or was given the wrong card by the Academy, some human made a mistake, it caused embarrassment, and a media circus followed. Similarly, your employees, partners, and customers are human and can make mistakes that lead to security breaches with significant monetary loss, embarrassment, brand erosion, and unwanted media attention.

How can user mistakes cause protection gaps for organizations?

Humans will:

  • Create/use weak passwords that are easy for attackers to guess
  • Reuse similar passwords across multiple logins, thereby making all uses of that password less secure
  • Store passwords in insecure places and be duped into sharing them with attackers
  • Click on phishing links that allow attackers to gain an initial foothold within private networks
  • Accept MFA prompts even when NOT authenticating, allowing attackers in the front door
  • Lose devices used for authentication, which in the wrong hands can cause vulnerabilities

Organizations have tried for years to educate humans on solid security practices, but humans make mistakes and no amount of ‘training’ can stop it. SecureAuth has accepted that humans are fallible and has developed authentication solutions that remove human vulnerabilities such that even if your human users make a mistake, it will not compromise organizational access defenses.

Stolen Credentials are on the rise

According to a recent Wakefield Research survey of IT decision-makers, roughly 55% of organizational assets are protected by multi-factor authentication. This is a great first step, but it also means roughly 45% of assets are protected by username and password at best. With 63% of reported 2015 breaches involving stolen credentials, and this number on the rise over the past couple of years, attackers are often walking in the front door with compromised credentials. Whether those credentials are guessed (because of weak password strength), phished, or bought (hundreds of millions of users’ credentials are available today on the dark web), organizations need better security than single-factor authentication.

Multi-factor authentication is not the be-all and end-all answer

Knowledge-Based Questions (KBAs) can easily be defeated by browsing most people’s social media (street you grew up on, mother’s maiden name, first car or pet). NIST, the National Institute of Standards and Technology, no longer recommends one-time passcodes via SMS/text because of vulnerabilities. Hard tokens have been compromised in the past, and the popular “Push-to-Accept” has been ‘Accepted’ when the user is NOT even authenticating, allowing attackers with stolen credentials into the network. Modern organizations need more than multi-factor.

SecureAuth Protects Against Human Fallibility

SecureAuth analyzes every access request, looking for abnormalities and risk, and answering questions like: Do we recognize the user’s device? Is the incoming IP address good, with no involvement in nefarious activities in the past? Is the request coming from a known good location? Is the request oddly timed? Is the access request coming from a phone number that has not recently been ported? Is it coming from a known and approved carrier network and phone type? And more. We call this Adaptive Authentication, and it provides many pre-authentication risk checks without users even knowing. Rather than disrupting the user with a multi-factor authentication step every time, Adaptive Authentication can require an MFA step only if risk is present, thereby providing a great user experience.
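
The pre-authentication risk checks described above can be sketched as a small scoring function that decides between allowing, stepping up to MFA, or denying. This is an added example, not SecureAuth's code or its actual algorithm; the signal names, weights, thresholds and sample data are all assumptions constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed weights and thresholds, for illustration only (not vendor values).
WEIGHTS = {"unknown_device": 30, "bad_ip_reputation": 50, "unusual_location": 25,
           "odd_hour": 10, "recently_ported_number": 40, "unapproved_carrier": 20}
STEP_UP_AT, DENY_AT = 30, 80

@dataclass
class Profile:                     # what is already known about the user
    known_devices: set
    usual_countries: set
    usual_hours: range             # UTC hours the user normally signs in
    approved_carriers: set

@dataclass
class AccessRequest:               # context collected before any factor is requested
    device_id: str
    ip: str
    country: str
    hour_utc: int
    carrier: str
    days_since_port: Optional[int] = None   # None: no porting event on record

def risk_signals(req, profile, ip_blocklist, port_window_days=30):
    """Return the names of the risk signals this request trips."""
    checks = {
        "unknown_device": req.device_id not in profile.known_devices,
        "bad_ip_reputation": req.ip in ip_blocklist,
        "unusual_location": req.country not in profile.usual_countries,
        "odd_hour": req.hour_utc not in profile.usual_hours,
        "recently_ported_number": req.days_since_port is not None
                                  and req.days_since_port <= port_window_days,
        "unapproved_carrier": req.carrier not in profile.approved_carriers,
    }
    return [name for name, tripped in checks.items() if tripped]

def decide(req, profile, ip_blocklist):
    """Map the summed risk score to allow / step_up_mfa / deny."""
    hits = risk_signals(req, profile, ip_blocklist)
    score = sum(WEIGHTS[h] for h in hits)
    action = "deny" if score >= DENY_AT else "step_up_mfa" if score >= STEP_UP_AT else "allow"
    return action, score, hits

# Constructed sample data (documentation IP ranges, made-up device and carrier names).
PROFILE = Profile({"laptop-01"}, {"US"}, range(13, 24), {"carrier-a"})
BLOCKLIST = {"203.0.113.7"}
ROUTINE = AccessRequest("laptop-01", "198.51.100.10", "US", 15, "carrier-a")
NEW_DEVICE = AccessRequest("tablet-99", "198.51.100.10", "US", 15, "carrier-a")
PORTED = AccessRequest("phone-77", "203.0.113.7", "US", 3, "carrier-a", days_since_port=2)
```

A routine request passes silently, a single moderate signal such as a new device triggers the MFA step, and several stacked signals are refused outright even if the password is correct.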

SecureAuth can even offer Passwordless Authentication. Moving away from knowledge-based factors, like passwords, toward factors that are much harder to extract improves security. Replacing vulnerable passwords with fingerprint biometrics, for example, drastically improves security beyond antiquated passwords. The addition of our multi-layered risk analysis (Adaptive Authentication) gives organizations the high identity confidence to remove passwords.

SecureAuth offers Symbol-to-Accept, a new multi-factor authentication method that requires users to think rather than robotically hitting “Accept” and giving attackers unencumbered access.

Whether you are seeking multi-factor solutions to cover more resources today or seeking progressive protection regarding your identities that Network and End-Point security can’t help with, SecureAuth offers paths to the industry’s most advanced adaptive access control.
