bigstock-Isometric-Internet-Security-Lo-238957666-Converted-01

Why Two-Factor Authentication is Important

by CybersecurityNetworksOnline Privacy

Today, more and more of our lives are happening on mobile devices, laptops and computers. So it’s no wonder why our digital accounts are the prime target for cyber criminals. 

Attacks against the government, companies and individuals are happening every day. High profile data breaches and password leaks are becoming more and more common. Cyber criminals are continuously developing more sophisticated hacking methods, making some security practices obsolete. 

Fortunately, for any organization, one simple method for protecting digital accounts remains effective: two-factor authentication (2FA). Learn more about why two-factor authentication is important. 

What is two-factor authentication?

Two-factor authentication is the method of verifying your identity by adding a second factor of authentication to your account. Incorporating 2FA adds an additional step to the login process. After users enter their credentials, 2FA prompts users to enter an additional code before they can access their account. 

Types of two-factor authentication

There are many types of 2FA available. Some are more secure than others, but all provide improved protection for digital accounts. 

Here are a few of the most common forms of 2FA: 

Software Tokens: 

Software tokens are the most popular form of two-factor authentication and requires software that generates a time-sensitive, single use passcode to use to access an account. The user must download and install a 2FA app on a smartphone or desktop, such as Google AuthenticatorAuthy, or Microsoft Authenticator. These applications are compatible with a variety of websites. 

Once the user configures the application with the account, it will begin generating and cycling through time-sensitive codes. 

To access the account, the user must use the code provided by the 2FA application to access the account. These passcodes are usually only valid for less than a minute. 

SMS or Voice-based Messages: 

SMS Message Two-Factor Authentication - Dexter Edward

In an SMS-based 2FA environment, a user attempting to access an account will be sent an SMS message containing the 2FA code. 

Similarly, voice-based 2FA automatically dials the user’s phone and verbally delivers the 2FA code. 

SMS and voice-based authentication is one of the least secure methods of 2FA.

Push Notifications: 

A user with a smartphone or computer can receive notifications when an authentication attempt is taking place. The user can view details related to the request and can approve or deny access through the provided link. 

Push notifications provide a more user-friendly form of security. 

Other forms: 

In Biometric 2FA, user identities are verified via fingerprints, retina patterns, and facial recognition. 

These types of authentication are in development and are sure to become more popular within the next few years. 

Why use two-factor authentication? 

Passwords, no matter how complex, are no longer as infallible as they once were. Cyber attackers can test billions of passwords in seconds. Furthermore, it’s extremely common for users to use the same password across multiple accounts, meaning once hackers have access to one account, they can gain access to other accounts with relative ease.

2FA provides additional protection to accounts that is independent of password strength, and more secure than traditional security questions, which can be guessed by hackers who can view public social media profiles. Dexter Edward incorporates 2FA support into several of their solutions that can help your organization be secure, encrypted, and traceless. 

LEARN MORE
Dexter Edward Mobile Security Header

Online Privacy Methods

by CybersecurityFognigmaOnline Privacy

Protect your Online Privacy

As you venture out on the Internet, reaching and searching for information or as a portal for communication, one thing is clear: privacy is key. Because without privacy, anyone can intercept, analyze, and exploit your communications—and, eventually, the odds are someone will. It behooves you to take proper steps to ensure your online activities and conversations remain only between you and your intended parties.

There are many methods to remaining private online, some more powerful than others. Examining all your options will help guide you to make the best decision for your online security.

Private browsing is the minimal you can do to protect your online privacy

Private Browsing

Perhaps the easiest way to ensure some privacy online is flip that little switch and use a private browser window. Sometimes called incognito mode, private browsers hide some of what you do online, but only some. While exactly what they conceal varies from browser to browser, private browsers do have some aspects in common.

Many disable the browser’s history and web cache, hiding the record of what you are doing online. Often autofill will be disabled, preventing the risk of accidentally storing login credentials. Along that same thought, many private browsers will prevent you from remaining logged in to online accounts once you close the browser window.

So that’s all you need to be totally secure, right? Unfortunately, no. Though most private browsers clear your browsing history in the browser, a portion of it might remain on your computer or your ISP—bits that could be used to reconstruct your online activities. Also, a lot of their functions rely on you closing the tab when you are done. If you don’t close the window, the caches aren’t erased. As Hana Habib, a doctoral student at Carnegie Mellon, points out, “A lot of people use private browsing just to hide their activity from other people who might use their computer later. . . [a]nd for that, private browsing does a pretty good job of protecting users against that particular threat.”

VPNs are one method of online privacy

Virtual Private Network (VPN)

Another option for online security is using a Virtual Private Network (VPN). VPNs take your traffic and passes it through a VPN provider’s server on its way to your destination. With a VPN, your traffic and IP address are obscured, and your communications are encrypted. To an outside observer, you will appear to exist where the VPN server is, which is why VPNs are popular in countries with censor-loving governments (or for people trying to circumvent geo-specific website restrictions).

VPNs are much safer than relying on private browsing, but even they can have their drawbacks. For one, you are relying on the VPN service’s security choices. The big drawback of VPN services are their terms and conditions, specifically in regard to logging. TheBestVPN recently updated their survey of over 300 VPN providers’ privacy policies to see if their advertising claims were matched by their policies.

The good news is this analysis shows that only about 8% keep logs of your browser history (with another 9% aggregating your browser history with all their other users). The bad news is when those VPN services who log your IP address and timestamps (the where and when of your browsing activity). 40% of the VPNs analyzed log your IP address and 38% log timestamps of your activity. For a service claiming to keep your anonymous, those statistics are striking (and should remind you to really read all the fine print when trusting another company with your security).

Onion routing is another method to preserve your privacy online

Onion Routing

Onion routing is similar in some respects to a VPN in that your traffic and communications pass through another remote server. But, in Onion routing, everything passes through multiple servers with a new layer of encryption added for each server passed through. Each server only knows of the servers on either side of it, so, for example, the second server in a 3-server chain (that is, 3 servers between you and your destination) will not have any record of your IP address (or other particulars) or what your final destination is. Onion routing takes your online anonymity and security up to another level.

Unfortunately, Onion routing has a few drawbacks. First, because your traffic is passing through various servers in various parts of the world, it can be slow. This isn’t any fault of the Onion routing method, mind you, but rather the varying Internet speeds in different locations. Another drawback is, again, not due to the Onion routing method, but rather to those who use it to hide their activity. Because of some users using Onion routing to commit illicit or illegal acts, the whole system echoes with negative overtones for some. That is, people might suspect or associate users who just want privacy with users who are doing all the illegal things.

Fognigma Provides the Best Online Privacy

Fognigma

Fognigma is a patented enterprise software solution that gives organizations the power to build their own secure, encrypted and traceless networks and communications systems. Fognigma works by strategically leasing virtual machines over eight commercial cloud providers which function as one gestalt network. Inside this invisible, on-demand network are various communication components (VoIP, file share, messaging, video conferencing, and Virtual Desktop Infrastructure) which are afforded the same protection as the Fognigma network itself: FIPS 140-2 validated, cascading AES-256 encryption with two distinct encryption libraries.

Like Onion routing, the parts of a Fognigma network only know of their immediate neighbors, so even if one part could be found, it couldn’t compromise the whole network. Also, like Onion routing and VPNs (which makes sense, since Fognigma is a virtual private network), where you exit the network to the rest of the Internet is where it appears you are located. However, Fognigma takes that to the next level by giving organizations the power to create multiple exit points almost anywhere in the world and users the ability to dynamically switch exit points (and their perceived location) with just a few mouse clicks.

Fognigma takes all the best privacy features, wraps them in a massive level of encryption, and gives them to organizations to build and run their own invisible networks, never having to worry about the privacy policies of a distant VPN provider or the ofttimes stigma of Onion routing. To learn more about Fognigma and how it can help your organization (or to schedule a demonstration), contact us today.