Blog

Dresner Group Blog

Our technology blogs feature IT tips and best practices for businesses in Columbia, Baltimore, and Bel Air.

Why Implementing Security Keys Is Worth It

104830313_Security-Keys_400

There are many varieties of authentication that you have the option to leverage. Today, we’ll discuss the fundamental differences between them, and examine the pros and cons of one option: the physical security key.

How Does a Security Key Work?

In order to understand security keys, we first have to understand the concept of multi-factor authentication. Multi-factor authentication (sometimes referred to as 2-factor authentication) is a method of making online accounts more secure by increasing the requirements for access. Instead of just requiring a password, one of your accounts may also request that you input a code generated by an application on your mobile device.

Technically, this doesn’t even count as true two-factor authentication, as they are technically both something you know - one factor, with multiple steps. True 2FA/MFA would require you to have different factors - something you know, accompanied by something you have, or something you are (in the form of biometrics). Using a security key in addition to your password would count as such - you simply have the security key, without any knowledge of what is on it that confirms your identity. Even when you use best practices to create passwords, there is a chance of human error which may place your data at risk of cyberattack.

Well, until now, at least.

By inserting it into a device, a security key leverages something called FIDO2 (Fast Identity Online 2) to create a cryptographic public key identification system. This system enables the user to activate the private key and access the associated account.

Why Should I Use a Security Key?

Simply put, it is a fairly effective way of securing an account. As a service tied to a security key will require that key each time it is accessed, someone trying to access that service without it will find themselves out of luck. Furthermore, it isn’t as though a user will require a unique physical security key for each account they’ve secured - multiple codes can be stored on one. If you happen to use G Suite applications or Microsoft’s solutions in your office, you can leverage a security key to access these solutions more conveniently. Security key technology has reached the level of maturity that even your smartphone can be used as a security key.

Are Security Keys Compliant?

Believe it or not, they are…. At least according to the General Data Protection Regulation. This is because the use of a hardware-based security key requires data to be initially encrypted, and (assuming the proper security measures are put in place) a physical key allows data access to be controlled within an organization. Furthermore, if a key does wind up lost, its access can be revoked by an IT administrator.

However, it is important to keep this in mind - you could potentially be put at risk if a user lost their key and failed to report it. This makes the decision between utilizing a security key or some other kind of authentication one that will take some deliberation.

Lean on the professionals at Dresner Group for help in deciding how to secure your business’ assets. Give us a call at (410) 531-6727 or contact us using the form to the right.

×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

Virtual Reality has a Limitless Future
Tip of the Week: Your Phone Can Work as Your Secur...
Comment for this post has been locked by admin.
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, 07 November 2024

Captcha Image

Client Service Login

Latest News & Events

Annual Channel Futures MSP 501 Identifies Best of the Best in the Managed Services Industry Dresner Group has been named as one of the world’s top-performing managed service providers in the prestigious 2024 Channel Futures MSP 501 rankings. The Chan...

Contact Us

Learn more about what Dresner Group can do for your business.

Copyright Dresner Group. All Rights Reserved.