We share your responses to the Fuel Cybersecurity Question of the Month
Friday, March 23, 2018
Each month, we ask Fuel members to weigh in with their opinions on the Cybersecurity Question of the Month, and we’re sharing their answers here.
This month we had multiple Fuel members voice their response to a question on the topic of Using Multi-Factor Authentication.
Using two- or multifactor authentication on your Remote Access systems is a must. At any moment in time, millions of user credentials are stolen — credentials that can potentially lead to unauthorized access into your network.
Which tools are you using for a large variety of configurations, and what is your strategy for success?
Manuel Zurita, Security Engineer with Palo Alto Networks, provided an example, saying that "Currently Using RSA MFA with remote access, but also I've done some integration with DUO Security - leveraging the RADIUS authentication proxy for remote access MFA.
MFA on remote access is a must because many organizations trust VPN connections at the same level or an internal user, many architectures I've evaluated and observed don't place application or TLS inspection security platforms on the trusted side of the VPN termination."
Fuel Member Dave Rodriguez, DBA#SYSADMIN with United Security Bank, concurred with Zurita saying that "DUO with Radius is a good solution."
What are some of the tools that you are using? Join this active conversation today!
Check Out Our Next Cybersecurity Question of the Month
Weigh in with your opinions and we'll share your answers on Fuel for Thought. It's an easy, quick way for you to share your expertise and make a contribution to the Fuel community.
Topic: Staying Secure with Cloud APIs
According to a recent study, the typical organization is managing an average of 363 APIs within the network of their applications. These APIs become a liability that needs protecting because they are often open to the public in order to allow external developers access.
One way to protect against the loss of sensitive data is using a secure protocol. This encrypts the data from the sender before sending it so that it reaches the server and must be decrypted and processed there.
Question: As APIs continue to play a prominent role in cloud security, how are you ensuring that the ones you have in place are the right tools for the job?
Check out these Fuel blog posts for further reading:
- The Importance of Network Visibility in a Growing Threat Landscape
- Cybersecurity Question of the Month: Addressing the Cybersecurity Talent Gap
- 3 Strategies to Better Secure Point-to-Point VPNs