As we approach Thanksgiving this year in the U.S., we are reminded of the hack of the point-of-sale (POS) systems at Target at about this time last year. It was (at the time) the largest hack in history in terms of the number of people impacted, with around 40 million cards stolen (though it has since been surpassed twice in the last year)! Of course, Green Rocket Security doesn’t provide POS security, but the key point in this breach was how the attackers got in.
To be able to attack the Target POS systems, the attackers first went after a subcontractor. This particular subcontractor had access to the Target corporate network to perform remote maintenance and monitoring of HVAC systems. Once an account at the subcontractor had been breached, the attackers were eventually able to gain access to the POS systems to effect the hack (which in and of itself seems a major problem: why were those systems on the same network?). This subcontractor had a username and password as the only protection for access to Target’s corporate network. Had Target required the subcontractor to use 2FA (Two-Factor Authentication), the hack would have been prevented right there!
This shows quite clearly that 2FA is essential for more than just your own employees. Any access to your network needs to be secured with something better than just usernames and passwords. We already know that most passwords in use can easily be broken, and when granting third-party access to someone outside of your company, it’s even harder to ensure the security of those credentials. By requiring 2FA for all logins, both for your own employees and for any outside parties, you can ensure simple and uniformly high security for your network access.