It’s said that one is the loneliest number. It’s also said that one is the preferred number of authentication layers cybercriminals prefer.
When attempting to breach an electronic health record (EHR) system, getting past single authentication can be like a walk on the beach for hackers. According to a study from Verizon 82.9% of healthcare breaches—successful and unsuccessful—are related to the misuse of privileged access credentials. One of the reasons credentials are such a hot commodity for hackers is because for many organizations and individuals one simple password can hand over the keys to the kingdom. For healthcare organizations (HCO), those kingdoms hold a treasure trove of valuable patient information.
Any organization holding sensitive customer data, healthcare or otherwise, using single-factor authentication may be painting a target on their back. Since hospitals are a favorite for cybercriminals, Todd Williams, Manager of Security Operations at MEDHOST suggests HCOs reinforce their gates with cybersecurity measures like multi-factor authentication.
In this episode of Tales from the Encrypted, Williams provides a quick lesson on secure password management and explains how using a combination of authentication factors, like a password and a physical item, can help cut down on breaches caused by compromised credentials.