Death of the Password: How MSPs Can Provide Clients With Alternative Security Measures
Apple received a substantial amount of backlash after sensitive photos of high-profile celebrities leaked from iCloud and were shared all over the Internet. Following the breach, Apple stated that it was due to poor password protection on celebrity accounts and the hacker’s ability to devise very precise, targeted attacks on users.
According to a Verizon Data Breach Investigations Report, 76 percent of network intrusions are tied to exploiting different weaknesses of passwords. Hackers enter right through the front door, as security experts like to call it. With this in mind, it seems as if our everyday lock is fundamentally broken. Here’s how MSPs might offer alternative security solutions to cloud users.
Two-Step Authentication: The average person manages 25 to 30 passwords in their life. It’s recommended that every password be different, contain around 12 characters, and mix uppercase and lowercase letters and numbers. Password protection has been the norm for years, but people’s inability to manage all of their passwords proves that it is not the easiest solution.
MSPs should help clients find services that offer two-step authentication or advise clients on how to link phone numbers with online accounts to add a second layer of security.
While some cloud services require it and lock users out if they’ve entered a password incorrectly a certain number of times, other services allow unlimited guesses and are inherently less secure.
Encryption: Suppose a client would rather abstain from giving even more information to their cloud service provider, such as answers to security questions that could also potentially be breached. In this case, suggest encryption in the cloud.
Encryption has become very popular in light of the many mass cyber-attacks that have occurred, and it can be deployed in a wide variety of ways. For example, you can encrypt data stored in databases, encrypt data being transferred over public or internal networks, and apply encryption directly within the cloud or when the data gets there.
Prioritize what data should and shouldn’t be encrypted, because encryption can be expensive and can also cause “encryption sprawl”, which is when encrypted data becomes fragmented and inconsistent when communicating with each other.
Outside devices to keep your cloud secure: As NSTIC’s (National Strategy for Trusted Identities in Cyberspace) Jeremy Grant puts it, there is no shortage of technology that can replace the password and keep us secure, but it hasn’t taken hold in the marketplace because nobody wants to carry tokens or smartcards.
Perhaps it’s the responsibility of the MSP to encourage the use of security devices and add-ons that are compatible with their cloud service. Add-ons are capable of making the service more compliant, controlling access to data, configuring single firewalls that protect multiple servers and managing the cloud remotely.
Technologies like fingerprint recognition devices and systems that randomly generate codes to protect credit cards whenever a transaction is made will be mainstream before we know it. The NSTIC also stated that they hope to replace passwords altogether on federal networks by 2020. So maybe it’s time MSPs, too, start forgetting passwords altogether.
Cloud storage is still a new technology and clients will be happy to know that you think about their security just as much as accessibility and convenience. Leave a comment in the section below if you have any other ideas of alternative security measures for the cloud.