As data breaches increased in 2020, many companies are struggling to find innovative technologies to protect their digital services, avoiding using traditional access methods. For companies who are ready to get rid of passwords, ToothPic is the passwordless solution that best guarantees a higher level of security to the authentication process. Moreover, employees can use their smartphones as a digital signature device and for securely sharing critical documents.
THE CYBER DARK RISK OF REMOTE WORKING
Working from home has been increasing during the last 18 months, due to the pandemic, which has forced companies (and pushed the employees to demand) to introduce smart and remote working. However, managing remote working can have a dark-side in terms of cyber attacks against the companies themselves.
Why does remote work affect cybersecurity and what are the main causes?
- Low protection of personal devices: personal devices do not have the same protections as company-supplied devices and the same level of monitoring and quality.
- Unsafe home networks: home networks use affordable consumer-grade network devices with often outdated software and network protection.
- Weak credentials: employees often use easy-to-guess credentials to access their company resources, such as passwords.
DATA AT HAND
A clear proof of what we discussed above has been given by IBM Security. In its study an increase of cyber attacks during the COVID pandemic was underlined, at a very high cost to businesses: $4.24 Million per data breach, the highest in the 17-year history of the report. In particular, data breaches appear to be more expensive (averaging over $1 Million) when remote working is reported as a factor in the event. In this scenario, the report “Rapporto sulla Sicurezza ICT in Italia (2021)”, edited by Clusit, explains how in the pandemic year a record of cyber attacks occurred globally: in 2020, 1,871 serious attacks in the public domain have been detected, 12% more than 2019.
Passwords lie at the heart of the data breaches: according to the Verizon Data Breach Investigations Report 2021, 80% of breaches were related to compromised and weak credentials and 29% because of stolen passwords. Furthemore, the World Economic Forum has reported that nearly 50% of IT help desk costs are related to reset corporate passwords, especially for large enterprises. Each single password reset costs businesses $70. The increase of credential thefts showed how the traditional authentication methods, such as passwords, codes and tokens, are still too vulnerable today, not very user-friendly, especially for those who work in large companies, financial institutions and Public Administration.
To fix the trade-off between security and usability, more and more companies are choosing to invest in innovative technologies and passwordless solutions. According to Gartner, “by 2022, Gartner predicts that 60% of large and global enterprises, and 90% of midsize enterprises, will implement passwordless methods in more than 50% of use cases — up from 5% in 2018”.
WHY TOOTHPIC IS THE BEST SOLUTION FOR COMPANIES?
At ToothPic we invented, developed and patented a unique Multifactor Authentication technology turning every smartphone into a secure authentication key to access online services using a hardware characteristic of the device itself: the unique and unclonable pattern of manufacturing imperfections of camera sensors.
As we believe the user experience is one of the most important keys in the authentication process, we at ToothPic created a solution with a streamlined user experience: meaning that companies don’t need additional passwords, other tools or external devices. The employees can authenticate themselves just with a simple tap on their smartphone.
In contexts where the workforce is distributed between office and home, the solution developed by ToothPic can be used for many use cases: secure authentication, digital signature and critical documents sharing.
Let’s discover together every single application of ToothPic.
In the Corporate area, the passwordless solution provided by ToothPic protects the authentication of company’s staff to online corporate resources: nowadays companies have moved part of their activities and documents to the cloud, with the risk, however, of amplifying the attack surface for hackers. In this context, ToothPic allows employees to use their smartphone as a secure authentication key to access corporate platforms, protecting their identity and sensitive data.
On the managerial level, ToothPic technology fulfills the needs of the digital signature. The use of digital signature has increased due to remote work, especially in cases where offices are distributed all over the world. One of the common practices is sharing physical authentication devices, such as hardware tokens, with colleagues. These tools, in addition to being very expensive, increase the risk of credential theft, as they can be easily lost or stolen.
With ToothPic, companies can allow customers and employees to use their smartphone as a digital signature device to sign contracts, policies and agreements. In fact, ToothPic recognizes the device used by employees to sign documents and securely stores the keys on smartphones, encrypting them through the unique and unclonable imperfections of photographic sensors. In this way, confidential documents are protected from malware.
Confidential documents can be intercepted or sent by mistake to people other than the recipient, compromising their confidentiality and revealing sensitive information. ToothPic has implemented a technology that allows only a specific smartphone – therefore only the recipient – to decrypt messages and documents, thus avoiding the risk of confidential information being stolen or intercepted by third parties.