KnowWho

cloud key2Two Factor Authentication without the hassle

Two Factor Authentication (2FA) removes your company's reliance on static passwords for security, negating the risk of Phising, Social Engineering and Identity Theft / Fraud for your business!

KnowWho (powered by Safenet) provides an affordable, 2FA solution for businesses / services of all sizes, removing initial setup fees and enabling flexibility not found in other solutions.

Read more to discover how KnowWho protects your business, removing your most pressing security concerns, or contact us now for your free trial!

What is Authentication?

bsid cloudAuthentication is the act of establishing or confirming something (or someone) as authentic. In Internet security, Authentication concerns us as we have an increasing need to establish that a member of staff, or a customer, is authentic, that is, that they are who they claim to be.

Traditionally and currently, this authentication is achieved through the supply of a username (generally defined by a policy) and a password, known only to the user (hopefully!).

Increasing Threat

Cybercriminals' focus has moved from forcing entry to your network through attack, to getting access to your data by masquerading as an authenticated user of your systems.

We make this easy for them, our staff and regulation demand that we provide increasing levels of remote access to our systems. Working from home, accessing emails, sharing information with suppliers and customers, using online systems to store and give information...

The boundaries of our network are expanding. How do we allow this to continue whilst maintaining the security of our critical business data?

What's the solution? 

knowwho loginHow do we deploy a method of authentication that necessitates a higher level of identity proof, whilst minimising the inconvenience caused for our users?

Two-Factor Authentication

Two-Factor Authentication (2FA) is not a new concept, it is used every time a bank customer visits the local ATM. One authentication factor is the physical ATM card the customer slides into the machine. The second factor is the PIN they enter. Without either of these, authentication cannot take place.

Simply put, 2FA results in a high level of security by requiring:

SOMETHING YOU KNOW - Your password and/or username

AND

SOMETHING YOU HAVE: A token (software or hardware) which provides a One-Time Password (OTP) each time the user wishes to log into the system

A One-Time Password is a password which is changed each time a user logs into the system. The password may reset each time the system is used, or may be generated dependent upon another factor, such as time.

Why KnowWho?

kt4 tokenUntil now, deployment of Two-Factor Authentication has been costly and consequently, generally the domain of enterprise and financial organisations.

Many businesses have embraced the use of online systems, and rightly so, as we have quickly become dependent upon these technologies. The issue can be that following the deployment of such a system, few of us have budget remaining to address authentication concerns. Or maybe we are simply unaware that such options exist, but have reached the point where we have had to expand access options for our staff.

Due to the nature of the concerns it addresses, 2FA is only truly effective when deployed across your entire remote-user base and this, at a cost of around £100 per user, is often beyond the reach of security budgets.

KnowWho reduces the cost by removing the need for deployment of local authentication software / systems, instead hosting these in the ‘cloud’. Meanwhile your tokens are provided by software (included in your fee), SMS, or hardware token!

Your business can now deploy Two-Factor Authentication and remove the risk of identity theft and phishing for as little as £9 per quarter per user!

What's wrong with passwords?

1: They're not difficult to guess

We enter passwords into systems every day, we believe that the use of a password will protect our business from anyone trying to impersonate us or our users. It seems reasonable; imagine finding a laptop and trying to guess the password, be it 8, 6 or even 4 characters long, one would expect it to take some time, or for you to have to get lucky!

Bring computers into the equation and the balance shifts. If we could all remember unique 6 character passwords made up of numbers, letters, symbols and upper or lowercase for every system we log into, it would take a single machine 1.9 hours to try every combination! Even less with many machines operating, for example, as part of a bot-net.

2: We give them away too easily

Many of us are now familiar with the term Phishing. The act of attempting to trick passwords out of users has become one of, if not the most profitable activity for cyber criminals. Whether it be via emails masquerading as banks, hoax websites or even social networking, all of your staff are under daily pressure to expose their passwords and consequently your systems to these criminals.

How confident, as a business, are you that your users (staff or customers) can maintain the secrecy of passwords used to access systems in the office?

How many of your users re-use passwords on systems at home and in the office? Passwords used to access your business network are likely to be the same as those used for social networking sites, other online email and chat systems, dating websites, and much more…

3: We have a limited memory for them

Finally, carelessness. Many of us suffer from password-overload and have to resort to making a note of passwords in many places, post-it notes, scraps of paper, even files on our PCs. Or maybe we trust our information to people. Do we tell our spouse a password so they can log on, or our children, a friend?