«
»

Everyone uses 2FA…right?

Last week during the Usenix’s Enigma 2018 conference Google dropped a bomb on two-factor authentication.  For years companies like Google and other providers have encouraged users to use 2FA to protect their accounts.  Most of the security world thought people were listening since they were all telling us how important 2FA is to them and to keeping their accounts secure.  Now Google tells us that less than 10% of users use 2FA with their Google Accounts.  Bloggers and security experts are in disbelief, if everyone wants to secure their information, why aren’t they taking the first step?

Facts continue to pour in about the state of attacks on our users.  A report from Netwrix that came out today states that organizations believe that “employees were considered Netwix_Cloud_2018_5responsible for 58% of security breaches in 2017“.  These attacks should be stopped with users leveraging proper security measures.  Corporations have been using 2FA for years, it should be common practice to follow those users to the cloud with the same requirements and to follow up with those users.

As our platforms evolve, so does the perception of the platforms.  Users become numb to the constant news of the latest attack and latest threat.  Some of the biggest bugs in our time, the Spectre and Meltdown, hit the news and focus the attention on how insecure user data is.  These bugs effected almost every platform currently out there.  Still users haven’t patched and fail to see the major concern of the actual security risk.

As developers and security industry specialists, we need to ensure we are doing our part.  Making tools like 2FA available, is a great first step, but ensuring those same users use those tools and follows up with those users is also a requirement.  When developing mobile applications, taking the base security and applying Application Shielding and Hardening to an application should also be seen as a requirement.  When we rely on our users to properly understand and leverage security technology, we open the door for them to be attacked.

This entry was posted on January 23, 2018 at 5:36 pm and is filed under Computers and Internet, Security with tags , , , , , , , , , . You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “Everyone uses 2FA…right?”

  1. Budgely Says:
    January 23, 2018 at 8:02 pm

    How true. With all the workarounds made available to appease the users distaste for incovenience, the weakest link becomes the overall security of the solution. How to make these strong security options available, widely adopted AND not allowing them to be circumvented is a big challenge indeed!

    Liked by 1 person

    Reply

Leave a comment