Welcome!

SDN Journal Authors: Pat Romanski, Destiny Bertucci, Liz McMillan, Elizabeth White, Amitabh Sinha

Related Topics: Cloud Security, Java IoT, @CloudExpo, SDN Journal

Cloud Security: Blog Post

Multi-Factor Authentication By @TorbenA | @CloudExpo [#Cloud]

Executives must not relegate security to the IT department and assume all is well; they must be active participants

Multi-Factor Authentication: Eight Considerations for CXOs

For business leaders today, it's not enough to drive company growth, seek competitive advantages and provide vision. In this era of advanced cyberattacks, executives also need to keep their companies' data security strategies top of mind. The Ponemon Institute's 2014 Cost of Data Breach Study reports that the average cost of a data breach to a company was $3.5 million, a 15 percent increase over last year. Then there is the cost of reputation damage to factor in as well. Organizations cannot afford, on any front, to be lax in their security strategies.

Executives must not relegate security to the IT department and assume all is well; they must be active participants. Leaders ultimately take responsibility for the organization's performance, and negative events that impact stakeholders also impact the leaders' longevity as well. Target's CEO left on the heels of the recent large-scale hack of customer data, suggesting a correlation between the two events.

C-suite executives need to understand why awareness of and involvement in their companies' security strategies is critical. They also must understand why authentication is a necessary and effective element of security strategy. There are many reasons to include multi-factor authentication as an effective tactic against loss of brand reputation, loss of customers and loss of trust.

Taking an Active Role in Security
It's tempting to assume that the team leads in IT and security have everything handled, leaving the executive to focus on more traditional business-related responsibilities. That assumption is wrong and dangerous. The second a breach occurs, the entire business suffers the fallout, from loss of customer (or shareholder) confidence to damaged brand reputation. Therefore, responsible CXOs shouldn't assume that IT has it handled. They must instead seek to understand exactly how company and employee assets are being protected.

CXOs don't need to manage every detail here; they just need to educate themselves about how their companies are actively taking steps to protect corporate reputation and integrity while keeping an eye on the bottom line. After all, if the company is breached, it is the CXO who will have to answer those uncomfortable questions from the media.

CXOs can avoid nightmare media scenarios by ensuring the safety of customer information assets in a way that stays ahead of today's advanced threats. They must also ensure adherence to corporate goals by developing and executing strategies that increase profit margins and drive down the costs of doing business. Such overarching goals cannot be left to the team leads; success must be managed at the executive level.

Make Security a Priority
Business leaders are responsible for setting the organization's vision and then leading their teams to bring it to reality. It's easy to focus on the bread and butter of corporate leadership, whether it's maximizing shareholder value or creating the best widget possible. Yet security is a vital component of business success as well, and change comes from the top. If upper management doesn't explicitly prioritize security in a meaningful way, it's more likely that IT departments will take more of a check-the-box approach to security as they focus on the projects given overt precedence.

Incentivizing Security
One of the most effective ways to make security a business priority is to create meaningful incentives for its deployment and management. IT and security teams should be compensated and recognized based on how airtight the network is. Fortunately, there are ways to secure access to company and employee data that fit in with the corporate budget, turning security into an ROI center as well.

To help prevent loss of brand reputation and loss of trust, a key component of this comprehensive security plan must be a multi-factor authentication strategy. Such a strategy will mitigate the attacks that threaten user confidence, such as identity theft. TCO must be taken into account, as well as the ease of integration with remote access systems and cloud applications. The ideal strategy will take into consideration factors that include a low footprint, high security, high automation and high value.

Multi-Factor Authentication: Eight Factors to Consider
For executives not yet convinced that multi-factor authentication is the way to go, these facts should be cause for reconsideration:

  1. Hackers readily use weak or stolen user credentials in 76 percent of all network breaches.
  2. The number of targeted attacks went up by 42 percent from 2012 to 2013, and it increased a whopping 62 percent from 2013 to 2014. Not only that, they also took longer to be discovered and ended up costing the victim companies 30 percent more money. In short, hackers are winning the war.
  3. Banking, gaming, social media, email and other online service providers have adopted SMS-based tools to effectively authenticate their users when accessing their systems. If it's important to them, it should be important to your business as well.
  4. Now more profitable than drug-related crimes, identity theft is the fastest-growing type of crime, accounting for $24.7 billion dollars.
  5. Malicious actors do not discriminate based on size. Not only big brands get hit; 31 percent of all targeted attacks were aimed at businesses with less than 250 employees.
  6. Without user authentication, a company's vulnerability tests, advanced firewalls and anti-virus systems are not enough. The front door stands wide open to intruders.
  7. Malicious actors do more than just steal data; they often use servers to transmit propaganda, spam or malicious code. They also destroy data and change programs or services.
  8. Hackers are always finding more effective ways to steal passwords via pharming, keylogging, phishing and other methods.

A Holistic Security Approach
As the financial and reputation costs of data breaches escalate, security must be foremost in the minds of CXOs. They must take an active role in the organization's overall security strategy to make sure that everything possible is being done to keep company information safe while keeping the budget in mind as well. Without strong authentication standards in place, hackers can take advantage of user credentials to breach security and cause mayhem. Multi-factor authentication is a key element of an organization's overall cybersecurity strategy that adds an additional layer of data protection.

More Stories By Torben Andersen

Torben Andersen is globally responsible for Sales and Marketing at SMS PASSCODE. Prior to joining SMS PASSCODE, Torben held positions including Chief Commercial Officer at Better Place Denmark, where he oversaw all aspects of the commercial launch of Better Place’s solution in Denmark. Before joining Better Place he spent over 14 years in various leadership roles within Microsoft Denmark, EMEA, and Global.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@CloudExpo Stories
With tough new regulations coming to Europe on data privacy in May 2018, Calligo will explain why in reality the effect is global and transforms how you consider critical data. EU GDPR fundamentally rewrites the rules for cloud, Big Data and IoT. In his session at 21st Cloud Expo, Adam Ryan, Vice President and General Manager EMEA at Calligo, examined the regulations and provided insight on how it affects technology, challenges the established rules and will usher in new levels of diligence arou...
In his general session at 21st Cloud Expo, Greg Dumas, Calligo’s Vice President and G.M. of US operations, discussed the new Global Data Protection Regulation and how Calligo can help business stay compliant in digitally globalized world. Greg Dumas is Calligo's Vice President and G.M. of US operations. Calligo is an established service provider that provides an innovative platform for trusted cloud solutions. Calligo’s customers are typically most concerned about GDPR compliance, application p...
"I focus on what we are calling CAST Highlight, which is our SaaS application portfolio analysis tool. It is an extremely lightweight tool that can integrate with pretty much any build process right now," explained Andrew Siegmund, Application Migration Specialist for CAST, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
As many know, the first generation of Cloud Management Platform (CMP) solutions were designed for managing virtual infrastructure (IaaS) and traditional applications. But that's no longer enough to satisfy evolving and complex business requirements. In his session at 21st Cloud Expo, Scott Davis, Embotics CTO, explored how next-generation CMPs ensure organizations can manage cloud-native and microservice-based application architectures, while also facilitating agile DevOps methodology. He expla...
SYS-CON Events announced today that Evatronix will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Evatronix SA offers comprehensive solutions in the design and implementation of electronic systems, in CAD / CAM deployment, and also is a designer and manufacturer of advanced 3D scanners for professional applications.
SYS-CON Events announced today that Synametrics Technologies will exhibit at SYS-CON's 22nd International Cloud Expo®, which will take place on June 5-7, 2018, at the Javits Center in New York, NY. Synametrics Technologies is a privately held company based in Plainsboro, New Jersey that has been providing solutions for the developer community since 1997. Based on the success of its initial product offerings such as WinSQL, Xeams, SynaMan and Syncrify, Synametrics continues to create and hone inn...
Cloud Expo | DXWorld Expo have announced the conference tracks for Cloud Expo 2018. Cloud Expo will be held June 5-7, 2018, at the Javits Center in New York City, and November 6-8, 2018, at the Santa Clara Convention Center, Santa Clara, CA. Digital Transformation (DX) is a major focus with the introduction of DX Expo within the program. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive ov...
A strange thing is happening along the way to the Internet of Things, namely far too many devices to work with and manage. It has become clear that we'll need much higher efficiency user experiences that can allow us to more easily and scalably work with the thousands of devices that will soon be in each of our lives. Enter the conversational interface revolution, combining bots we can literally talk with, gesture to, and even direct with our thoughts, with embedded artificial intelligence, whic...
To get the most out of their data, successful companies are not focusing on queries and data lakes, they are actively integrating analytics into their operations with a data-first application development approach. Real-time adjustments to improve revenues, reduce costs, or mitigate risk rely on applications that minimize latency on a variety of data sources. In his session at @BigDataExpo, Jack Norris, Senior Vice President, Data and Applications at MapR Technologies, reviewed best practices to ...
DevOps promotes continuous improvement through a culture of collaboration. But in real terms, how do you: Integrate activities across diverse teams and services? Make objective decisions with system-wide visibility? Use feedback loops to enable learning and improvement? With technology insights and real-world examples, in his general session at @DevOpsSummit, at 21st Cloud Expo, Andi Mann, Chief Technology Advocate at Splunk, explored how leading organizations use data-driven DevOps to close th...
Continuous Delivery makes it possible to exploit findings of cognitive psychology and neuroscience to increase the productivity and happiness of our teams. In his session at 22nd Cloud Expo | DXWorld Expo, Daniel Jones, CTO of EngineerBetter, will answer: How can we improve willpower and decrease technical debt? Is the present bias real? How can we turn it to our advantage? Can you increase a team’s effective IQ? How do DevOps & Product Teams increase empathy, and what impact does empath...
Smart cities have the potential to change our lives at so many levels for citizens: less pollution, reduced parking obstacles, better health, education and more energy savings. Real-time data streaming and the Internet of Things (IoT) possess the power to turn this vision into a reality. However, most organizations today are building their data infrastructure to focus solely on addressing immediate business needs vs. a platform capable of quickly adapting emerging technologies to address future ...
Most technology leaders, contemporary and from the hardware era, are reshaping their businesses to do software. They hope to capture value from emerging technologies such as IoT, SDN, and AI. Ultimately, irrespective of the vertical, it is about deriving value from independent software applications participating in an ecosystem as one comprehensive solution. In his session at @ThingsExpo, Kausik Sridhar, founder and CTO of Pulzze Systems, discussed how given the magnitude of today's application ...
There is a huge demand for responsive, real-time mobile and web experiences, but current architectural patterns do not easily accommodate applications that respond to events in real time. Common solutions using message queues or HTTP long-polling quickly lead to resiliency, scalability and development velocity challenges. In his session at 21st Cloud Expo, Ryland Degnan, a Senior Software Engineer on the Netflix Edge Platform team, will discuss how by leveraging a reactive stream-based protocol,...
Mobile device usage has increased exponentially during the past several years, as consumers rely on handhelds for everything from news and weather to banking and purchases. What can we expect in the next few years? The way in which we interact with our devices will fundamentally change, as businesses leverage Artificial Intelligence. We already see this taking shape as businesses leverage AI for cost savings and customer responsiveness. This trend will continue, as AI is used for more sophistica...
In his session at 21st Cloud Expo, Raju Shreewastava, founder of Big Data Trunk, provided a fun and simple way to introduce Machine Leaning to anyone and everyone. He solved a machine learning problem and demonstrated an easy way to be able to do machine learning without even coding. Raju Shreewastava is the founder of Big Data Trunk (www.BigDataTrunk.com), a Big Data Training and consulting firm with offices in the United States. He previously led the data warehouse/business intelligence and B...
Digital transformation is about embracing digital technologies into a company's culture to better connect with its customers, automate processes, create better tools, enter new markets, etc. Such a transformation requires continuous orchestration across teams and an environment based on open collaboration and daily experiments. In his session at 21st Cloud Expo, Alex Casalboni, Technical (Cloud) Evangelist at Cloud Academy, explored and discussed the most urgent unsolved challenges to achieve f...
"Digital transformation - what we knew about it in the past has been redefined. Automation is going to play such a huge role in that because the culture, the technology, and the business operations are being shifted now," stated Brian Boeggeman, VP of Alliances & Partnerships at Ayehu, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
You know you need the cloud, but you're hesitant to simply dump everything at Amazon since you know that not all workloads are suitable for cloud. You know that you want the kind of ease of use and scalability that you get with public cloud, but your applications are architected in a way that makes the public cloud a non-starter. You're looking at private cloud solutions based on hyperconverged infrastructure, but you're concerned with the limits inherent in those technologies. What do you do?
"We started a Master of Science in business analytics - that's the hot topic. We serve the business community around San Francisco so we educate the working professionals and this is where they all want to be," explained Judy Lee, Associate Professor and Department Chair at Golden Gate University, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.