Blog LBMC

Print Divider Print Divider Branding
 

Adopt Two-Factor Authentication for System Admins and Remote Users

01/12/2017

Share

Social Logo Social Logo Social Logo Social Logo

By Ty Tyra, guest blogger

Let's examine the use of two-factor authentication for all remote users and by system administrators.

Adopt Two-Factor Authentication for System Admins and Remote Use

Bad guys are always looking for the path of least resistance, and one of the easiest ways to gain unauthorized access is by stealing credentials from approved users. That’s the idea behind phishing attacks, but it also represents a driving force in targeting user credentials in instances such as the 2016 Yahoo! breach, in which the account information and encrypted passwords of at least 500 million accounts were stolen.

Password/passphrase re-use by users is always an issue, and it’s certainly not uncommon for an employee to use his/her work credentials when creating accounts with third-party sites. Therefore, if third-party data breaches lead to the widespread public disclosure of hundreds of millions of username and password combinations, those could be used to successfully gain remote access to your environment by an unauthorized user.

Such unauthorized access likely would manifest as remote logins via VPN or access to online Web portals (especially email). Requiring a second authentication factor for remote access, such as a text sent to a user’s mobile phone, helps mitigate the chance that a compromised password or passphrase will grant an unauthorized user external access to the organization’s environment and/or resources. Many organizations already use two-factor authentication for VPN access, but online Web portals and email often are overlooked. The information that can be gained from such portals can be quite useful to malicious actors when performing recon, so consider such a risk to your environment when pondering whether to use two-factor for external portals and email access.

System administrators certainly are not immune to password/passphrase re-use issues. Due to their constant work with highly sensitive resources and information within the organization, system admins should be required to use two-factor authentication for both local and remote access. They wield great power within your organization, and, to borrow an old comic book trope, with great power comes great responsibility – and the need for two-factor authentication.

Our team at is ready to assist with a wide range of network defense services.