As is the case with security standards, two-factor authentication was first developed and used by the military, back in the 1980s. In the 90s, it was also adopted by the first commercial companies in specific areas (e.g. gaming companies). After 2000, the general population began to encounter two-factor authentication when using banking services. That is understandable: we entrust banks with our most sensitive data, so they need to deliver their services with the highest level of protection.
Two-factor authentication may annoy you, but it is increasingly becoming the dominant way to protect data in digital services. What is two-factor authentication? How does it work, and what forms can you choose to protect your data in TULIP?
You will also encounter it under the abbreviation MFA, which stands for multi-factor authentication.
Why should MFA be used in your organization?
It’s simple. The number of cyber attacks is constantly increasing, and the weakest point in the organization is always the employee. Unfortunately, that is how it is: most often, it is the individual human factor that fails. Up to 81% of successful cyber attacks are caused by cracking or stealing employee passwords. The employee either invents passwords that are too simple or stores them without protection.
A strong password policy is the right approach, but because it annoys employees, they invent shortcuts and workarounds that ultimately cause the same security threats as a weak password would. These include writing passwords down in insecure files and inventing simple, logical variations of the original strong password, which weakens it.
A way to eliminate these risks is to replace the use of passwords with multi-factor authentication. It is a combination of at least two independent identity verification methods that unlock the employee’s access to the system (or to their data). Hence the name two-factor authentication; only a few companies choose more than two methods.
What types of MFA are available?
The two most common methods of multi-factor authentication are:
- Adding a second factor to classic authentication by name and password
  This is the most common method of additional identity verification. The employee logs into the system with a classic name and password, but an additional security element is added to it. For example, an SMS with a numerical code is sent to their mobile phone, and they have to submit the code when logging in.
- "Passwordless": removing the username and password
  This works, for example, by using an application on a mobile phone. When you try to log in, a window pops up in the application, which you need to confirm. The employee then logs into the application using a fingerprint, and that’s it. Their identity is confirmed and their company system is unlocked. No password is required. Other options include various ways of unifying passwords across company systems, from physical identification to electronic signatures.
What MFA do we provide when using TULIP?
TULIP cooperates with ProID, which is part of Monet plus. ProID provides us with multi-factor authentication using three methods that the client can choose for their employees:
- Mobile application: A pop-up window and subsequent fingerprint on the mobile phone when logging into TULIP
- Mobile application: Generation of a unique code in the mobile application when logging into TULIP
- SMS code: A code sent by SMS that needs to be entered when logging in
Examples of two-factor authentication when logging into TULIP:
- The TULIP login screen waiting for login confirmation in the mobile application
- The TULIP login screen, where you need to enter the code from the SMS to log in
We recommend that all clients turn on MFA to increase the protection of company data. If you still do not have multi-factor authentication enabled for working with the TULIP platform, please contact us. Together we will agree on the most suitable option for your company.