Passwords alone are increasingly easy to steal with computer monitoring software and keystroke loggers, so authentication that relies on this single factor has become a thing of the past. Even two-factor authentication has been outdone by newer authentication processes that use the kind of scanners we once saw only in sci-fi movies.
The Mechanism Involved
The common means of verifying an employee’s identity include the following:
· What a person knows (a password or PIN code, for instance)
· What a person owns (like a swipe card or an ID badge)
· What a person is or does (such as how one speaks – for voice recognition – or their fingerprint)
A multi-factor authentication system combines the verification means listed above to perform a stricter check before granting access to the organization’s employees. For instance, it may require you to enter your password, then punch in a code sent to, say, your cell phone once the password has been entered, and then undergo a retinal scan. The additional retinal scan ensures that the person accessing the company property (be it tangible or intangible) is the actual employee and not a hacker in disguise. This protects users from malicious programmes such as keystroke loggers, which can reveal passwords but can neither intercept the received code nor get past the retinal scan.
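The check described above can be sketched as follows. This is an added example, not code from the original article: the function and class names are hypothetical, delivery of the code to the phone is not shown, and the retinal scan is assumed to arrive as a match decision from the scanner.

```python
import hashlib
import hmac
import secrets
import time

# The three categories from the list above: knows / owns / is or does.
KNOWLEDGE, POSSESSION, INHERENCE = "knowledge", "possession", "inherence"

def hash_password(password: str, salt: bytes) -> bytes:
    # Store a salted, slow hash, never the password itself.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def verify_password(password: str, salt: bytes, stored: bytes) -> bool:
    return hmac.compare_digest(hash_password(password, salt), stored)

class OneTimeCode:
    """Short-lived, single-use code sent to the user's phone (delivery not shown)."""
    def __init__(self, ttl_seconds: int = 120):
        self.code = f"{secrets.randbelow(10**6):06d}"
        self.expires = time.time() + ttl_seconds
        self.used = False

    def verify(self, submitted: str) -> bool:
        ok = (not self.used and time.time() <= self.expires
              and hmac.compare_digest(self.code.encode(), submitted.encode()))
        if ok:
            self.used = True  # a replayed code is rejected
        return ok

def grant_access(results, required_categories: int = 2) -> bool:
    """results: list of (category, passed) pairs, one per factor presented."""
    if not results or not all(passed for _, passed in results):
        return False  # any failed factor denies access
    # Two passwords are still one category, so count distinct categories.
    return len({category for category, _ in results}) >= required_categories

if __name__ == "__main__":
    salt = secrets.token_bytes(16)                    # constructed sample user
    stored = hash_password("correct horse battery", salt)
    otp = OneTimeCode()
    scan_matched = True  # assumed: match decision reported by the scanner
    results = [(KNOWLEDGE, verify_password("correct horse battery", salt, stored)),
               (POSSESSION, otp.verify(otp.code)),
               (INHERENCE, scan_matched)]
    print("all three factors:", grant_access(results, required_categories=3))
    print("password typed twice:",
          grant_access([(KNOWLEDGE, True), (KNOWLEDGE, True)]))
```

A production system would also limit the number of wrong code attempts, which this sketch leaves out.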
The Perfect Combination
Multifactor authentication is obviously superior to both single and two-factor authentication because it demands multiple security checks. It commonly pairs passwords and key codes with a swipeable access card that employees are required to carry and use when accessing secured areas. However, since such cards or badges can be stolen and then misused, it is preferable to couple access codes and swipe cards with biometric verification, which largely involves installing a security system that recognizes what a person is or does, such as fingerprint scanners, retinal scanners, or voice recognition systems. Since the latter relies on traits that are specific to one individual, it is much more effective, as the chances of these being forged are almost nil.
· Cost: The most important factor to consider is the cost of acquiring a multifactor authentication system. The process involves purchasing expensive hardware such as scanners. Issuing smartcards or similar components to employees is an additional cost. A cost-benefit analysis therefore needs to be carried out to decide whether the information or property to be guarded really is confidential enough to be worth the investment. However, most companies will find the process worth the cost, since the remedial actions required after a keystroke logger or malware infection are bound to cost just as much, if not more.
· User Convenience: The administration might face resistance from employees, since this additional security check can interrupt the normal work routine while they wait for a confirmation from the authentication device. Also, a guest might sometimes need access, so it has to be ensured that the authorization system allows for such exceptions in the most guest-friendly way possible.
· Support Processes: Support mechanisms should be in place to deal with any hurdles or problems. The management should communicate the procedure to be followed in circumstances such as loss or theft of access cards or breakdown of hardware.
Jane Andrew is a writer and tech enthusiast. She mainly writes on topics related to cellphones, computers, monitoring software and keyloggers, and has an interest in many other arenas. If you want to know more about cell phones and computer security, please follow her @janeandrew01 or visit the Mobistealth website.