A major security mandate is coming your way, and it will take place before you know it.
In December of 2017, the National Institute of Standards and Technology (NIST) Special Publications (SP) 800-171 will come into effect, requiring changes in multi-factor authentication (MFA) to better protect government information.
However, what makes this one different are the penalties for non-compliance. You won’t just pay hefty fines; you’ll actually lose your government contracts, which could result in the loss of millions (or even billions) of revenue dollars for independent contractors.
One of the mandate requirements is to bring a more secure multi-factor authentication process into the organization.
In an exclusive interview with SecureWorld, Yves Audebert, Co-Founder, President and Chairman of Axiad IDS, says that “getting rid of passwords is a necessary step in the process.” Any company or contractor working with the Department of Defense can no longer rely on passwords alone when the mandate takes effect.
Audebert says it's only a matter of time before policies on multi- or two-factor authentication become stricter, and that it's also raising awareness on how companies can be more secure.
Bassam Al-Khalidi, Co-Founder and Principal Consultant of Axiad IDS, says, "The notion has always been that if we increase security, we make it more complex."
However, new technologies are allowing companies to use stronger authentication practices but in a much simpler form—such as inserting a chip into your computer before it will allow you to access it.
"By simplifying the user experience, we think the adoption rate [of the mandate] will be higher than a traditional username and password," says Al-Khalidi.
What challenges will companies face in establishing these regulations for their own companies? Al-Khalidi shares his thoughts on potential roadblocks coming ahead: