Techgig posted an article titled, ‘How to avoid online identity theft‘ which details some of the ways people can have their identity stolen from simple over the shoulder skimming to more sophisticated phishing scams. The focus of the article is one of personal safety but the identity theft techniques listed, from over the shoulder skimming to phishing scams, are valid attack vectors for users in their working environment too, businesses are just as susceptible.
The @AP twitter hack is a recent example of the importance of securing your business accounts/identities and one of the best ways to do this is through multi-factor authentication. The @AP twitter account hack could have been avoided if some form of OTP authentication scheme was in place.
Nervepoint Access Manager secures all user password self service actions behind multiple forms of authentication, any password resets, account unlocks, password changes, profile updates are all secured with not just web based challenges, there is also email, SMS as well as IP based restrictions. This reduces the chances of identity theft attempts considerably.
For general advice on implementing two-factor authentication across your other business services/applications refer to a great article by GFI titled, ‘13 for ’13 Jumpstart: Multifactor Authentication‘