In order to prevent companies from giving passwords to untrustworthy people, companies have created secure ways to set up their security. For a long time, security people have considered using a keychain token device service to increase security.
These devices will generate regular passwords, that work ONLY within the time the code is displayed. In essence, these are one time passwords. This device can be assigned to a specific limited website or otherwise that will protect a company from inadequate passwords and inadequate security to many electronic files. These devices change their information (new passwords) every 15 seconds, 30 seconds or 90 seconds.
According to a recent problem within a US construction company, an employee who used this device was unknowingly using a computer that had a key stroke logging program which logged into their secure bank site at the same time the employee was logging into a secure bank account, and transferred over $40,000 USD into other accounts in a very short time.
Read the article “Real-Time Hackers Foil Two-Factor Security” for more information. The lesson learned here is that their security breach happened on this machine before the day of the theft. Ways to reduce the intrusion on this Windows machine is to keep an Internet Policy updated and enforced within a place of work. Also to block websites within the network, encourage training on what causes computer infections and how to prevent them. Finally, updating the computers regularly, keeping a current and functioning anti-virus software always running in all Windows machines and avoid using Internet Explorer for any kind of website research or flash games.
Contact us for more details.