Strong multi-factor authentication requires biometric identity verification

Record-setting breaches, the rise of ransomware, and increasing liability have most organizations searching for improved security solutions.


The current federal recommendation is that businesses with an interest in securing their data adopt multi-factor authentication (MFA) to improve their overall security posture. However, not all MFA processes are created equally. In fact, most simply don’t go far enough to protect organizations against the threats that already exist or build in resiliency against future attacks.

The complexity of modern security problems hinders the ability of MFA solutions to solve them in ways that span silos and integrate with existing security systems. Attackers don’t attack organizations where their security is strongest. Instead, they exploit the obvious gaps in defenses. Currently, their path of least resistance is to take advantage of the security gaps that exist in passwords and other authentication processes. From a high level, that problem can quickly be broken down into several fundamental issues:

  • Huge relational password databases readily available on the dark web that contain billions upon billions of compromised user passwords
  • Users reusing passwords across multiple sites (especially in relation to the above)
  • The rising sophistication of phishing attacks designed to steal passwords and other credentials
  • The acceleration of remote work dramatically increasing an organization’s potential attack surface
  • Over-reliance on items that can be compromised, stolen, or lost (mobile devices, thumb drives, badges, etc.)

That’s a slew of challenges surrounding just one general security process, authentication. That means any MFA solution designed to improve an organization’s overall security posture will need to be:

  • Flexible enough to protect access no matter where it occurs, remotely or on site
  • Able to protect not only network access to IT processes and applications, but also access to hardware like printers and shared workstations
  • Inherently seamless and usable with existing processes while not disrupting anything else
  • Able to protect users from themselves when they succumb to a phishing attack
  • Able to span departmental silos and responsibilities

The only solution that can solve all those challenges while also building in resilience against future attacks is biometric identity verification. It not only adds an extra layer of unforgeable security, it also helps fill the gaps in existing security processes by providing protection across a widespread workforce and facilities alike. For most organizations, requiring MFA will be a step in the right direction. But, too many will still leave significant gaps in their security posture by implementing MFA without biometric identity verification.


Put simply, stronger security now requires biometric identity verification. SentryCard gives organizations an easy and immediate way for users to provide proof of their identity and ensure that they are who they say they are. It’s a self-contained, biometric, portable ID card that serves as a multi-function credential for both physical and logical access. The SentryCard is the only open-architected biometric platform in the market, and is the only solution that can seamlessly integrate with every back-end system. SentryCard ensures every request coming from your users is valid and authorized because it relies on biometric fingerprint matching stored and verified on the card itself. With SentryCard in place, attackers can easily be prevented from gaining access with stolen or false credentials. It’s fraud-proof in a way that current password-based solutions–no matter their complexity or multi-factor requirements–simply aren’t.   

To learn how SentryCard adds a level of protection to your entire organization with verifiable identity integrated into your current environment, please contact Sentry Enterprises.

Compromised credentials remained the biggest enterprise security threat in 2022


2021 was yet another record year for cyber attacks both in terms of breaches and financial damages. While there were banner headlines around high profile vulnerabilities like Log4j and SUNBURST, for the most part they were mitigated with robust patching procedures. The true menace of 2021 was ransomware that included real world impacts that shut down everything from pipelines to local governments. Compromised user credentials are the most common initial attack vector and are ultimately responsible for a full 20% of data breaches. In 2021, the greatest threats to enterprise security efforts remained stolen or forged credentials.

The Security Stakes Are Higher Than Ever

When 82% of users admit they reuse passwords across various accounts, you can understand the enormity of the problem. The fundamental issue with stolen or forged credentials is that they can provide the entry point attackers can leverage to launch other, more damaging attacks. Those entry points are hard to find, too. The Cost of a Data Breach Report 2021 revealed that on average it takes organizations 250 days to recognize that a breach occurred as a result of compromised user credentials. That much time is plenty for a persistent hacker to find other avenues of attack. 


The good news from 2021 is that robust patching procedures work to mitigate these vulnerabilities. Although enterprises know how to do this now, patching isn’t a perfect solution. The hard truth is that some security vulnerabilities are so fundamentally part of a flawed process or product that attackers can bypass any authentication requirement. What can enterprises do then? Understand there will be times when you will be dependent on applying relevant patches to prevent exploitation of a vulnerability, especially when a vulnerability can be buried deeply in third party legacy code or be part of a trusted security product. But counterintuitively, these are exactly the reasons to add more layers of identification requirements to your security efforts. Fraud-proof identification requirements can help build in protection for when patches aren’t yet available while also ensuring that users are protected from the biggest enterprise security threat – themselves.

In 2022, there is no doubt that the largest category of attacks that will impact you will result from stolen or forged credentials. By replacing a reliance on passwords with fraud-proof biometric authentication that meets FIDO2, you can move your security forward and build resilience against any threat that involves stolen or forged credentials. SentryCard evolves authentication with fraud-proof identity verification that cannot be forged and is useless if lost or stolen. With SentryCard, you can ensure every request coming from your users is valid and authorized because it relies on biometric fingerprint matching stored and verified on the card itself.


For more information about how SentryCard can help you build security resilience across your organization and protect you from compromised user credentials, please contact Sentry Enterprises.

The attacks most likely to impact you in 2022


Attacks against corporate networks increased by 50% from 2020 to 2021. It’s not just the sheer numbers of attacks that have risen, but also the costs associated with successful ones – which for good measure are also happening more frequently. Server-side weaknesses can usually be prevented with proper patching and traditional security tools like firewalls. Where organizations are failing is in countering their biggest security threat, their own users. Unfortunately, that perfectly intersects with two troubling trends from last year that will increasingly threaten your cyber security in 2022.

Phishing


How bad is phishing? According to Verizon’s 2021 Data Breach Investigations Report, phishing and/or pretexting now accounts for 43% of all data breaches. Phishing is also now the primary vector by which ransomware gets installed. Phishing is so effective because it’s an attack designed for the modern world where the lines between personal and professional are increasingly blurred. That’s a problem when your users interconnect their worlds to the point they share devices, applications, and passwords between the two without a second thought.

Oversharing on social media also helps attackers craft sophisticated spear phishing attacks. Spear phishing attacks are launched against either a highly targeted individual or even a specific organization. The larger an organization gets, the more effective they are, too.  What’s also troubling is that even broad-based phishing attacks have gotten significantly harder to spot. They used to work in the same manner as the Nigerian prince scam. Namely, the misspellings were a feature, not a bug. If a recipient wasn’t sophisticated enough to deduce the fraudulence from the beginning, then they were a good candidate for further attention. But now phishing attacks show up on mobile devices masquerading as bill payment prize notifications or free gift cards. Or in inboxes as late mortgage notices. They are simply getting harder not to click.

Ransomware


A whopping 37 percent of all businesses and organizations were hit by ransomware last year. As is, ransomware is costing businesses plenty. Ransomware was estimated to have had global costs of $20 billion in 2021. Attackers know they can make money with the current approach, so the problems are only going to increase. If it continues to grow at its current pace, then by 2031 that number will be a staggering $265 billion.

Ransomware also crossed a boundary in 2021 when it impacted critical energy infrastructure and roiled markets for several days during the Colonial Pipeline attack. The problem is that the proof of concept of that attack can now be weaponized. The attackers got ‘lucky’ in finding their target in this attack. Other targeted attacks will follow, though. 

Close


Your risk depends on your business objectives. Your tolerance for that risk depends on you. SentryCard gives you a way to improve your security holistically in a way that crosses traditional corporate silos. Your security must work no matter where your personnel are connecting from, remotely or on-site. It needs to be fraud-proof in a way that current password-based solutions – no matter their complexity or multi-factor requirements – simply aren’t. Finally, it must build in protection against your biggest security weakness – your users.

SentryCard can help you protect both remote and onsite users while also offering data and facilities access protection. It’s a self-contained, biometric portable ID card that serves as a multi-function credential for both physical and logical access. With SentryCard, you can ensure every request coming from your users is valid and authorized because it relies on biometric fingerprint matching stored and verified on the card itself. 

For more information about how SentryCard can help protect you from the increasing costs of cybercrime, please contact Sentry Enterprises.