Over the past few weeks, workers have settled into telework. Competing for bandwidth with children who are distance learning and video conferencing issues aside, working from home improves an employee’s work enjoyment and productivity. However, unsecure Wi-Fi and personal devices are easy pickings for hackers attempting to steal valuable company and consumer information, opening a company to financial and reputational damage. One tool chief information security officers should have in their toolbox is multi-factor authentication (MFA) that establishes a strong end to end protected connection.

MFA is a critical component to a complete cybersecurity solution. Currently, the industry standard is for employees to enter a username and password to access sensitive information. While this layer of personal security is a good start, usernames and passwords are notoriously easy for hackers to get a hold of, with many individuals using the same passwords for multiple personal and company accounts or saving passwords online in their web browser or another third-party service, all possible entities that can be hacked and provide outsiders with the necessary information to enter your network. If employees use these passwords on a public network or on an out-of-date personal device, hackers can also access and record their usernames and passwords.

A solution to this is embedding MFA into the outer-most layer of data access, such as the endpoint device that extends and directly handshakes with each access application server. SPYRUS Rosetta drives are FIPS 140-2 Level 3 certified and enable this approach, requiring users attempting to access data on the drives to validate themselves with something they have, something they know and optionally, something they are. Once a user has successfully authenticated themselves, the user is allowed access into the sensitive information, either locally on the drive or remotely via an application server. Once authenticated, all communication is established over a network is 256-bit (as a minimum) encrypted session, preventing any “man in the middle” vulnerabilities associated with one time password and open authentication implementations. With the SYPRUS Device Management Platform, IT administrators can monitor logs of all activity between the endpoint and application servers and remotely updated security policies such as setting a time limit on data access or suspending keys necessary to access data. If abnormal activity is recorded, IT administrators can “kill” the drive, rendering all data on the drive permanently destroyed.

Working from home does not have to be dangerous. Employees can be afforded enhanced workflow productivity while implementing Military grade MFA, data protection and endpoint management with full enterprise control. With the SPYRUS ecosystem, companies can protect their data at rest, in transit, and in use on any device anywhere. To learn more about SPYRUS tokens with MFA, contact one of our sales reps at sales@spyrus.com.