This year has gone by in a FLASH!
Who can believe that it’s almost 2022?! Crazy.
This past year was certainly an amazing one, both for us, and our customers.
We spent the best part of 2021 focusing on the hottest words on everyone’s lips –multifactor authentication (MFA), identity-based zero trust, and zero-trust network access.
From helping regulated health organizations to understanding why Zero Trust Networks are a must, to discussing the potentially catastrophic fallout from data breaches, covering the Portwsigger data breach itself, and exploring why cyber security insurance companies list MFA as a requirement – our no.1 most read blog of 2021 brought you the Top FIVE Ways your organization can protect itself through MFA.
So, in the true spirit of end-of-year nostalgia, we’ve put together all your favorite blogs from the year in one tidy little, easy-to-read item. Each article is jam-packed with business-critical free information on MFA so that you can prepare yourself for a safe, secure, and MFA-tastic 2022.
Enjoy, and Happy New Year from the team at Safe-T!
#5. How Attackers Target Healthcare Organizations and Why ZTNA Is Critical to Stopping Them
The healthcare industry is notorious for being targeted by hackers with data breaches costing an average of $3.86 million, across all sectors. Most importantly (and worryingly), numbers are increasing. This blog includes vital information on the challenges of maintaining cybersecurity in a healthcare facility and how to overcome them.
Trying to map the different types of users a healthcare organization has can prove to be a challenge, as there are a wide variety of users:
- Employees and administrators of the healthcare organization
- Third-party users such as contractors and other healthcare organizations
- Connected devices like medical and IOT devices
Consider the need to grant each user the appropriate access and you’ll find even more challenges. Among them:
- Controlling and securing remote access to healthcare resources for external users
- Controlling and securing access to healthcare organization resources for internal users
- Controlling access between different network segments
- Preventing malware propagation on file shares
- Complying to the regulations set by organizations such as HIPAA
#4. Data breaches: An 80% risk for all global organizations in 2022
80% of global organizations believe they will suffer a major cyber-attack in 2022.
(Yes, you did read that number correctly!)
This blog looks at the latest report by Trend Micro and the Ponemon Institute’s Report that backed up the theory that 86% of those same companies were likely to experience a data breach specifically and, how it can be avoided.
The 5 Most Common Causes of Data Breach
- Weak and Stolen Credentials, a.k.a. Passwords
The solution: Use complex passwords and never (ever) share passwords.
- Back Doors and easily hackable apps
The solution: Keep all software and networks fully secured and up to date with the latest available security measures.
- Social Engineering
The solution: Don’t believe every strange email from every exotic, far away country with a name you can’t pronounce – saying you’ve inherited $10 million from your great Aunt Maude (who you have never heard of) and who’s been living in a mud hut, since 1987.
- Loose Permissions
The solution: Deploy a system that ensures that only the right people have the right permissions to the right data. And keep those systems updated – always.
- Internal Threats
The solution: Update your access permissions regularly. Remove past employees and contractors and make it company policy to do so, religiously.
#3. The Portswigger Data Breach: How Multi-Factor Authentication (MFA) could have prevented the potential exposure of 47,000 social security numbers
Data breaches are possibly one of the worst things that can happen to any organization. Such an event can have devastating, not to mention costly consequences.
This blog looks into what happened when the Research Foundation for the State University of New York (SUNY) announced it had detected unauthorized access to its networks – a breach that impacted a staggering 46,700 individuals.
Considering that the university suffered a hack, the fear of exposure of thousands of social security numbers, the hiring of a security team, the notification, the press, simply to deploy MFA at the end, makes you wonder: why they didn’t have all of this in place in the first place?
The main reason for this is that many organizations do not employ MFA because integrating it into existing applications and services is complex, especially for non-web and thick/fat applications, which are not naturally compatible with MFA.
#2. Cybersecurity Insurance for Data Breaches – Is your business covered?
Cybersecurity insurance providers are now requiring MFA is in place as a base requirement for organizations to receive cyber-security insurance. This blog uncovers why, and what you can do to make sure that you have MFA in place in order to get insured.
MFA makes it much more challenging for attackers to gain access to a system and unleash ransomware or other types of malware.
So, if cybersecurity insurance requires MFA – that must mean that most businesses are getting it. Right? Wrong.
This is largely because integrating MFA to corporate applications and services is complex, especially for non-web and thick/fat applications, which are not naturally compatible with MFA.
Until now, that is.
#1. 5 REASONS YOU SHOULD BE USING MFA
No business is safe today from identity-based attacks. Particularly, identity theft. Hackers today don’t even mind what size business they are attacking. A study conducted by Symantec revealed that 31% of targeted attacks are directed towards businesses with fewer than 250 employees. This blog discusses what the main threats are and how you can protect your business, big or small.
MFA is the practice of confirming a user’s identity based on two or more “factors” or features that are uniquely theirs.
The three factors generally used to confirm users’ identities in MFA are:
- Knowledge the user has- generally a regular password
- Something the user has- for example, a one-time password sent directly to the user
- A biometric form of identification- this could include face, voice or even a characteristic the user has, such as the force of their keystrokes.
Using more than one factor to confirm a user’s identity adds an extra security measure against identity theft.
Like what you read?
Well, there’s more where that came from.
If you want to find out more about how MFA can help protect your organization from cybersecurity threats, follow us on social media. We promise more business-critical, free info on exactly what steps you can take to ensure your organization is protected by the very best cybersecurity measures, and much more.
About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About Safe-T® Group Ltd.
Safe-T Group Ltd. (Nasdaq, TASE: SFET) is a provider of Zero Trust Access solutions which mitigate attacks on enterprises’ business-critical services and sensitive data, while ensuring uninterrupted business continuity. Safe-T’s cloud and on-premises solutions ensure that an organization’s access use cases, whether into the organization or from the organization out to the internet, are secured according to the “validate first, access later” philosophy of Zero Trust. This means that no one is trusted by default from inside or outside the network, and verification is required from everyone trying to gain access to resources on the network or in the cloud.
Safe-T’s wide range of access solutions reduce organizations’ attack surface and improve their ability to defend against modern cyberthreats. As an additional layer of security, our integrated business-grade global proxy solution cloud service enables smooth and efficient traffic flow, interruption-free service, unlimited concurrent connections, instant scaling and simple integration with our services.
With Safe-T’s patented reverse-access technology and proprietary routing technology, organizations of all size and type can secure their data, services and networks against internal and external threats.