Security is a recurring topic in the field of ICT and telephony. Almost every day, both large and small organisations are the victims of cybercrime. We would rather prevent than cure and are happy to inform you about several ways to keep your data safe.
Secure every password in your company
LastPass; remember one password and LastPass does the rest. After installing the extension in your browser, you can immediately log in to save and use passwords. When creating an account, you think of one long, secure password and LastPass does the rest. You fill the safe with access data and forgetting passwords is a thing of the past. Filling the safe can be done in different ways: LastPass can save the data when logging on to a website, websites can be imported from an e-mail or another password manager.
As a password manager, the highest priority is to secure data. LastPass is designed in such a way that no one can access your safe. Specific encryption is used to ensure that the passwords are securely stored in the Cloud.
Data is encrypted and decrypted at the device level. Data in the vault remain protected, even from LastPass itself. The master password and the keys for locking and unlocking data are never sent to the LastPass servers and therefore remain private. The icing on the cake is also the use of dual verification (2FA, see further explanation on this page), an extra security layer.
Explore vulnerabilities
Every organisation has had to deal with it, phishing and hacking attempts are part of daily reality. Of course, you as an organisation, assume that your website is well secured, that malicious parties from outside cannot reach your network and that the application that you start several times a day is watertight. Unfortunately, this is often different in reality.
A penetration test is one of the most common ways to demonstrate the resilience and functioning of security. Pen tests come in all shapes and sizes, and therefore it is possible to have every thinkable company tested. Ethical hackers carry out an attack, like real hackers would. In this way, they look for vulnerabilities, mapping how organisations can turn these vulnerabilities into strengths.
Are you curious about the possibilities for your organisation? Please contact us so we can look at the possibilities.
Additional access control
Two-factor authentication (2FA) is an authentication method where you have to, successfully, complete two steps to get access to something. The first step is to enter a username and password. Through a second (small) step when logging in, extra verification is done on a mobile device of the user in question to check if he/she is indeed the one who should be logging in. Only this combination gives you access to an environment or application.
Why use it? Employees write passwords on a post-it stuck to a screen or on a notepad on a desk – or share these passwords with direct colleagues. Also, passwords are not changed to new passwords for a long time, or new passwords are chosen, which are very similar to the previous password. These are all risks.
Where to use? Access to your ‘environment’ is by default well secured with a password and can be extended with Two Factor Authentication using an app. Employees get an app on their phone that notifies them as soon as they log in to the environment. Via the phone, the notification is validated, and access is granted. In case of questions, lack of clarity, loss or theft, the user can contact the service desk.
How to configure? NDI configures two-factor authentication and includes the data of the users in a portal. In addition to the telephone number, this portal also provides insight into the type of telephone and the software used. Also, it is checked if it is secured well enough with, for example, a pin code. Based on this information, it is also possible to increase security even further. Has the need become clear?
We are happy to help you set this up. Please contact us and we will reach to you to discuss the posibilities or to make an appointment for a visit.