The high-risk factor associated with single-factor authentication has caught the attention of the U.S Cybersecurity and Infrastructure Security Agency (CISA). CISA has recently added single-factor authentication as a hazardous cyber practice that can probably unveil critical infrastructure. Moreover, with the skim security that single-factor authentication entails, it is easier for hackers to get into your institutional systems and exploit the data. In his article for The Hacker News, Ravie Lakshmanan explains why single-factor authentication is considered risky by the CISA. Furthermore, he also lists several other practices that are considered high on the risk scale.
What Is Single-Factor Authentication?
The single-factor authentication model is described as a method of signing in users into the system by just verifying their identity once. The sign-in usually includes your username and password and is considered to be significantly low security. It is easier to break into single-factor authentication because it requires only one factor to match the other for smooth data breaching. CISA has stated that all organizations should stop single-factor authentication. The establishments associated with critical infrastructure or national critical functions should especially think about using single-factor authentication.
What Other Practices Are Prone to Risk?
In addition to single-factor authentication, CISA has also mentioned several other practices prone to cyber threats. Some of them are:
- Making use of weak cryptographic functions or key sizes
- Working on flat network topologies
- Using previously compromised systems without proper monitoring
- Using outdated software and technical elements
- Transmission of sensitive, unencrypted, and unauthentic traffic over vague networks, entailing poor physical control
Data threat is becoming a rising concern for organizations globally. With too much at stake, companies should be aware of the cyber threats that their organization can be exposed to. Leaders should spread awareness about cybercrime among the workforce and keep them technologically updated to prevent risks in the future.
Click on the link to read the article: