Is Your IT System As Safe As King Arthur's Castle?

Moated castle Bodiam near Robertsbridge in East Sussex, England was built in 1385 to defend the area against French invasion during the Hundred Years' War.

Are your information systems and data as well protected as King Arthur's Castle? In medieval times, castles defended the monarchy, people, and treasure from enemy attacks. These structures integrated defenses such as moats, high stone walls, and ramparts from which defenders could fight back. The design intent was to stop, or at least slow, an invader’s assault. However, all of these efforts were for naught if an inside confederate simply opened the gates.

Protecting your information systems infrastructure requires a similar strategy but using different tools. Firewalls, anti-intrusion software, IP address and packet analysis, as well as other tools/methods, serve as the moat, drawbridge, and stone walls. But user access credentials are the front gate. 

"81% of hacking-related breaches leveraged either stolen and/or weak passwords" according to the respected Verizon 2017 Data Breach Investigations Report*. 

You have probably deployed stronger password requirements or even added multi-factor, two- or three-step authentication. While these measures can increase your cyber security, they often frustrate users. Inconvenienced users lead to complaints to IT and management, reduced use of applications, and even a search for ways to defeat your safeguards. Four out of five breaches result from someone inside opening the gate.

Now is the time to consider face recognition user authentication, as four out of five breaches result from someone inside opening the gate. Face recognition can verify the user while they enter a username/password combination. The login process shrinks from 2-3 steps into one, and takes 2-3 seconds instead of 10-15 seconds. Face recognition can also re-verify the user every few seconds, adding extra shielding to your systems and data.

If you handle financial, medical, legal or other confidential data in your systems, attackers test your defenses daily. 

Don’t make it easy for them to walk through the front gate.  

*http://www.verizonenterprise.com/verizon-insights-lab/dbir/2017/