Your security and multi-factor resolutions

As the new year rolls forward, many individuals participate in the tradition of making New Year’s resolutions to change an undesired trait or behavior, set new goals or simply improve themselves.

2021 will be considered as a tough year for many of us for a multitude of reasons.

Living in a pandemic continues to challenge supply chains, impact workforces and stretch the boundaries of our business infrastructures as more employees choose or are forced to work from home.

From the SolarWinds supply-chain attacks, JBS Foods ransomware attack, to the Log4j vulnerabilities and everything else in between, it is clear that things are getting harder in the technology realm as we try to keep pace with mitigating the risks within an organization.

Looking forward into 2022, there are no signs that cybersecurity incidents will be slowing down any time soon.

A mid-year Cyber Threat report update produced by SonicWall in July predicted a total of roughly 714 million attempted ransomware attacks in 2021.

If these numbers are found to remain true, it will account for a 134 percent increase over last year's totals.

As insurance companies wrestle with the increasing payouts and volume of ransomware, many insurers are demanding increased cybersecurity controls before agreeing to continued coverage.

The most frequent demand seen today to continue cyber insurance is the adoption of multi-factor-authentication for securing email, remote and administrative access.

In addition to using a username and password as something you know, the additional step of something you have in your possession adds the extra layer of security.

A study performed by Yubico and 451 Research concluded 74 percent of senior management plans to increase spending on multi-factor-authentication and that grows to 80 percent in the retail and financial services sectors.

As we continue to shift our security controls within our organizations to better align with the increased security demands, we can use many of these same practices in our personal lives as well to keep our personal lives protected.

While many websites require you to set up multi-factor-authentication today, there are a large number of sites that have optional settings that allow you to choose if you want to enable this additional security layer.

One step to improve your security posture at home is to consider the important sites you visit and ensure that multi-factor-authentication is enabled if it is available.

Financial and health care sites often are at the forefront of the security requirements and likely already will force this requirement. It’s also worth verifying if personal email, social media, insurance and utilities accounts offer this functionality and make sure they are enabled.

You often will find the ability to add multi-factor-authentication under the account, profile or security section of a particular site. In some instances the multi-factor-authentication also will be referred to as two-step authentication or multi-step authentication.

Enabling this feature will make a world of difference for your overall security posture and maybe even cross off a resolution.

Paul Nus is the director of technology at Folience, The Gazette’s parent company, and a board member of SecMidwest, a Cedar Rapids-based not-for-profit focused on cybersecurity education; SecMidwest.org .