4IT Blog

4IT has been serving the Miami area since 2003, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Colleges Begin to Implement Two-Factor Authentication to Improve Network Security

Colleges Begin to Implement Two-Factor Authentication to Improve Network Security

Has your business dealt with a phishing attack? If not, consider yourself lucky. There has been a massive spike in phishing attacks as hackers are aggressively going after organizations and the personal identifiable information they hold. These attacks are just not focused on typical businesses either, they are going after organizations that provide public goods. One place that has become a major target for hackers (and phishing attacks) are schools.

At first glance, a college would be one of first places any hacker would look to steal information. Not only do today’s colleges have vast, powerful networks, they have many people that regularly compute on those networks who don’t take network security into account in the least. Despite the work of diligent IT administrators, the actions of the students and faculty on the network can really cause a lot of problems, so can direct attacks on the same students and faculty. For this reason, many colleges are starting to implement two-factor authentication procedures to ensure that even security-negligent college students aren’t putting their entire organization’s network at risk.

Two-factor authentication, for those who do not know, is the practice of requiring two steps to gain access to the network in the form of questions. The design is pretty simple, and has been around for a while. Traditionally, a user would type in a password which would prompt another access authenticator code. That electronic authenticator (also called, fob) would provide the user a code to use to access the door. Nowadays, most of the two-factor authentication credentials can be sent to an individual’s mobile device, as an overwhelming majority of people rely on smartphones.

In an article on KrebsOnSecurity, the Director of IT security and Infrastructure at Bowling Green University, Matt Haschak, stated that these attacks had grown from a relatively benign 250 in 2015 to over 1,000 in 2016. These attacks are carried out to steal credentials used to access BGSU’s MyBSGU portal, the main hub for student, staff, and administration affairs for the university. With these credentials, hackers can then infiltrate a system that is populated with thousands of people’s personal information.

Bowling Green isn’t the only example. Other universities have recently been targeted by what their IT security personnel calls “spear phishing” attacks, going after specific people associated with the college. This includes club officers, athletics administrators, and other people who would have access to “fast cash”. While IT administrators are cognizant of these relatively new threats, they tend to evolve and victimize before anything can be done about them.

One instance of this happened at the University of Delaware where scammers are targeting international students. These extortion attempts tell the target that if they don’t pay, they will face deportation under U.S. law. This shows that these attacks are specifically tailored to the recipients, making detection nearly impossible for IT administrators to ward against.

“This is something unusual,” UD IT communications group manager Richard Gordon said, “This is a scam that had not been seen at other universities before. It shows how these scammers are always looking for ways to try to hit students.” Gordon advocates diligence and integrating some type of two-factor authentication system for all accounts that hold sensitive information. “If the account information is stolen, then someone can get into your account. But if you have two-factor authentication, then they can’t access it because they need the extra security code. It’s an extra security piece.”

While college IT administrators have their hands full, your business is often considered low-hanging fruit for these hackers. If you want to learn more on how to protect your network, staff, and your business from these types of phishing attacks, contact our trusted team of IT technicians today. We can assess your current IT setup and consult with you on how to improve your organization’s network security. Call us today at 305-278-7100.



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, 01 May 2017
If you'd like to register, please fill in the username, password and name fields.

Mobile? Grab this Article!

Qr Code

Blog Archive

Tag Cloud

Security Technology Cloud Privacy Microsoft Backup Best Practices Tip of the Week Business Computing Internet Hosted Solutions Managed Service Provider Software Business Management Productivity IT Services IT Support Saving Money Efficiency Windows VoIP Hackers Business Continuity Disaster Recovery Innovation Google Hardware Upgrade Mobile Device Management Malware Data Virtualization Server Mobile Devices Mobile Office Mobile Computing Business Save Money Small Business Information Technology Microsoft Office BYOD Network Windows 10 Workplace Tips Quick Tips Computer Disaster Firewall Avoiding Downtime Social Media Smartphones Network Security Going Green communications Remote Monitoring Gadgets Alert Tablet Recovery Operating System Wireless Technology IT Solutions Telephone Systems Communication Hard Drives Miscellaneous Saving Time Search Vendor Management User Tips WiFi VPN Customer Relationship Management History Email Maintenance Risk Management Outsourced IT The Internet of Things Unified Threat Management Apps Apple BDR Ransomware Telephony Bring Your Own Device Managed IT Services Passwords Budget Managed IT Mobility Windows 8 Laptop Net Neutrality Health Big Data Virus Chrome Analytics Hosted Solution Content Filtering Marketing IT COnsultant Private Cloud Router Computer Repair Collaboration Hacking Cybercrime Data Management Browser Administration Spam Social Engineering OneNote Application iPhone Point of Sale Remote Computing Humor Display PowerPoint Smartphone Workplace Outlook Network Congestion Encryption End of Support Paperless Office Gmail Proactive IT Trending Social Networking Government Bandwidth Office Uninterrupted Power Supply Efficency User Error Computers Printer Lithium-ion battery Wearable Technology Help Desk Printer Server The Blindside Of Chromecast Phishing Current Events Programming Social Domains Inbound Marketing Wireless Data Breach Administrator Uograde OneDrive Colocation Virtual Desktop Bluetooth Value Managed Security Access hacker Shortcut SharePoint Phone System Amazon Office 365 Data Protection Data storage Debate Information USB Ebay Money Save Time Wiring Co-managed IT Smart Technology Google Drive Biometrics Presentation Document Management Internet of Things Antivirus Images Internet Exlporer Buisness Business Intelligence Tech Support Flexibility Fax Server Two-factor Authentication Touchpad Excel Hard Drive Intranet Advertising Networking HIPAA Surge Protector Holiday Cost Management Robot Virtual Reality Nokia Retail Augmented Reality Applications DDoS Reliable Computing 3D Printing ISP App Automation Office Tips Solid State Drive Books Instant Messaging Avoid Downtime IT Security Streaming Media Education Operating Sysytem IT service Twitter

Blog Archive