With the increasing rise of ransomware attacks on industries within education, government, construction and industry in 2022, it is no wonder that they are looking for new ways of trying to secure their digital and physical assets. The method they have their eyes on is MFA or multi-factor authentication. According to Okta’s 2021 State of Zero Trust Security Report, 85% of businesses worldwide are using an MFA solution for their employees with 19% using it for external users such as the general populace. This means that there are still many businesses who will need to use MFA to secure their entire presence as external users are being left unprotected.

As a result, insurance companies are noticeably adopting new standards that require MFA methods of login to avoid the issues relating to ransomware holding PII (Personally Identifiable Information) hostage.

Ransomware is costly.

The average cost of a ransom payment in 2021 was $220,298 with the loss ratio going from 44.8% to 67.8% from 2019 to 2020. Hackers use this as a means to make money while requiring the business to pay for a decryption key. Many of these companies are targeted based off their willingness to pay the ransom rather than the quantity of PII that they have stored.

So, how can you use MFA to prevent this large loss of financial capital from your business?

MFA or multi-factor authentication is a method of computer or application login using multiple types of authentication methods.

There are three important concepts that you must understand about MFA.

They are based off:

When thinking about something that you know , you should think of a password or PIN which you might write down on a Post-it note or hopefully, use a password manager for. These are the most common forms of authentication that are out there and have issues with security. Much of the attacks that are seen in the world today have to do with password cracking given their ubiquity on all the website that you try to access. PINS are common when confirming a credit or debit card transaction at the store or the ATM. Your credit/debit card is one form of identification while the other is the PIN that you type in on the PIN pad reader. You may also have seen PINS being used with physical access controls (PACS) such as doors. A PACS device that we carry for example, the Identiv SPR332v2 PIN Pad Reader is an example of that.

Something that you have is similar to a smart card which you carry in the form of an ID badge for work or a credit/debit card. You are to insert this or wave it in front of the smart card reader that you have in order to authenticate yourself. It could also come in the form of a security key such as the Identiv FIDO 2 Security Key which we carry. This is great for authenticating yourself into online accounts such as Google, DropBox and even eBay thanks to their support of the FIDO standards. Feel free to read more about what the FIDO Alliance means and how that will change the way that we login into online accounts in the future.

Something that you are includes biometrics such as your fingerprint, iris or finger vein. You are the only person that has each of these unique characteristics. No two fingerprints and finger veins are alike. We actually have written a lot about finger vein authentication in the past with regards to the Hitachi H-1 Finger Vein Scanner (Check out those blog posts!) with a nearly impenetrable authentication method thanks to the uniqueness and internal nature of finger veins. We have many other biometric types of reader for both mobile and desktop usage from companies such as SecuGen ( SecuGen Hamster Pro Duo CL USB Fingerprint Reader ) and Identos ( Identos Tactivo mini Smart Card Reader and Optical Sensor Fingerprint Scanner ).

So, multi-factor authentication is certainly not a new solution or one that is only now being tested as the U.S. federal government has required it for all their agencies. Certain laws have also been passed in New York State from their New York Department of Financial Services along with the NAIC (National Association of Insurance Commissioners) and their Insurance Data Security Model Law. So, using MFA is understood to be quite a viable solution in the government’s eyes.

To implement MFA technology, take a look at below at one of the best solutions that we have to offer.

We are a licensed distributor within the smart card industry for large manufacturers such as ACS, HID and Identiv. We offer a wide variety of both contact and contactless readers and have a selection of NFC readers for NFC tag applications. In addition to hardware, we also offer software solutions such as  Open Domain Sphinx  and  Access Smart PowerLogOn.

We are a  Platinum Partner of HID’s smart card readers and software solutions  which include  HID Digital Persona ,  HID ActivClient  along with well-known smart card readers such as the  HID OMNIKEY 3021  and the  3121.

You can trust that we will do a fantastic job with implementing HID’s solutions into your workplace.

You more than likely have some form of insurance for your business such as disaster insurance and employee liability insurance, and you also know that there are certain requirements that you must meet in order to qualify for these plans whether that be a certain number of employees or even the dollar amount of coverage that you are required to get.

However, given the large-scale ransomware attacks that have occurred, you may be required to adopt MFA technology for your business.

So be aware that given these recent events that insurance companies are looking for ways to cut their losses and this may include increasing premiums. They are becoming much more aware of concerns that come with certain industry classes, durations, risk size and offer limits. So, if you are in some of the hardest hit industries such as education, industrial services­­ education, government entities, healthcare, construction and manufacturing , you will need to adopt an MFA method in order to avoid paying higher insurance premiums or not being issued an insurance policy whatsoever .

These industries are facing more issues with capacity and are having to deal with many insurers at once , so this will be another consequence that you may have to deal with when applying or renewing your insurance policy.

This also means that these underwriters or agents will be asking much in-depth questions about your security practices at your office and when interacting with clients. These may be around:

So, be sure to keep this in mind when you try to access policy information. There might also be clauses to specifically address not covering ransomware losses because of how big they can become. Just, make sure that they cover issues relating to business downtime when you are spending the time solving the problem and cleaning up the mess afterwards.

So, do not be surprised about all the new questions and concerns that come up.

*BE ON THE LOOKOUT! *

[Policies may include clauses that do not cover issues relating to ransomware losses to prevent insurance companies from being on the hook for a large number of expenses. Business interruptions may also be included within the policy.]

Ransomware has always been an issue but was put in the spotlight in 2020 because of government policies aimed at forcing employees to work from home. This left corporate hardware and software in the hands of employees who may not have had the securest set-up at their home offices. Attackers saw this as a prime target for their methods and went straight ahead on the attack.

Multiple companies have fallen prey to this form of hacking such as Colonial Pipeline, JBS Meats and SolarWinds which were widely mentioned in many news outlets across the country which involves stealing data and using that as a means to garnish money that a company has. Usually, this involves paying for a decryption key that allows for access to the data that was taken.

Ransomware was a larger issue in 2021 with ransom payments having reached an average of $220,298 according to Coveware , and it is only going up from here with attacks increasing for companies that are willing to pay for their data. Attackers look for this as they want to make sure that they get their payout for the work that they do.

That is why you need a software solution that will protect not only your assets but will show to the company that you are working with for insurance that you know what you are talking about. Your premiums will diminish, and you will maintain the relationship that you build with your account manager. You can also slow down the efforts of a hacker who will have to do twice the effort in order to get the same reward that they could get with a password-only setup. So, they will stop before they even start.

HID Global is a powerhouse when it comes to cybersecurity software and hardware.

HID’s DigitalPersona is a Windows-based online solution (Windows 8.1 or higher for clients) (Windows Server 2012 R2 or higher for servers) that will allow you to integrate your cloud or server-based applications with new methods of authentication such as with:

We offer many hardware devices that will support these types of methods from not only HID but also companies such as ACS and Identiv which are both trusted in their fields. So, take a look at our selection of hardware for logging into your account with your traditional password.

It is made for real-time monitoring and maintaining of hardware.

If you have Windows Active Directory, Azure or LDS (Light Directory Service) set up on your workplace network then you are in luck because it integrates with those services for a seamless experience with the apps that you use most. Its single dashboard allows for a SSO or Single-Sign On into the apps that you use the most along with SAML-supported applications that allow for online account access which is thanks to the Access Management API, OpenID Connect, WS-Fed protocols.

To learn more about SAML-supported apps, see :

Pre-integrated SAML apps catalog

AND, don’t get rid of that Prox card system just yet though as you can use a proximity card with HID Digital Persona to be able to login to your apps as well. If you need a smart card reader to go with that then you can try the HID OMNIKEY 5025 CL ID Badge Smart Card Reader that supports both Prox and smart card formats.

If you are looking for additional features, there are multiple configurations that are available of Digital Persona that support your specific needs with your business. If you need something much more robust then look for the Premium Edition which includes more features such as password management and the ability to secure all your business’ applications, systems and networks. There are also features such as SSO (SAML), Access Management API and Password Management Modules to login to online accounts in one integrated online dashboard.

It is also great for Windows login which can support up to three credentialing methods (3FA or three-factor authentication) for an added layer of security. So, for example, you could have a password then a smart card and a security key prompt in order to login to your computer. This is ideal for industries that are highly regulated as finance or even scientific research & development. It also allows for the self-enrollment of credentials and authentication policy enforcement that are based on time-based, velocity and location parameters.

Overall, the main takeaways about HID’s DigitalPersona is that it is easy-to-use, works straight out of the box without need for additional software, supports multiple workstations and offers strong protection .

We also offer more MFA methods beyond DigitalPersona including:

So, if you want to keep your business protected by your insurance and remove the high premiums that will decidedly come with the lack of MFA technology then Tx Systems has your back.

You can book a demo with us here where you can set up a call to see just how powerful DigitalPersona will be for your business. These calls are FREE and should not take too much of your time. Feel free to ask any more questions through our email at sales@txsystems.com or 858-622-2004, and we would be happy to provide the best solution for your business.