When it comes to hedge fund security, many firms use multifactor authentication to keep their IT environment secure. And with the release of the SEC’s OCIE Cybersecurity Initiative in 2014, it is even more important for hedge funds to implement security measures, including multifactor authentication, which will enable them to keep sensitive data protected. Although there has recently been an enhanced focus on multifactor authentication for hedge funds and other investment management firms, the technology has been in existence for many years. Read on to learn more about the history of multifactor authentication and how it works to keep your firm secure.
Multifactor authentication is a security policy in which users must utilize more than one form of authorization before completing a transaction. Multifactor authentication policies require the user to combine a variety of credentials to verify the authenticity of the user. However, multifactor authentication has long been used by organizations to ensure transactions are completed securely. As cyber breaches are on the rise in the workplace, including at hedge funds, organizations have had to adjust by implementing more in-depth security policies that include multifactor authentication.
The purpose of multifactor authentication is to add additional layers of verification on top of transactions in order to ensure that they are legitimate, in a variety of environments. Historically, multifactor authentication has been commonly used to protect data when users are working remotely. Recently, with the growth of the cloud, a new area of focus has been on securing applications provided through the cloud. The focus on securing the cloud is due to the fact that if password credentials are misplaced, or fall into the hands of the wrong individual, an application’s critical data can be compromised. As a result, it is vital to implement an additional step to verify the authenticity of the user.
The layered approach employed by multifactor authentication makes it more challenging for unauthorized users to access whatever device or system is targeted by forcing them to provide multiple sources of information. The key to multifactor authentication is to make users present confirmation factors from a variety of knowledge areas, and often requires a three step verification process. In this process, users are required to substantiate information from various sources, including personal facts and codes from physical devices, such as tokens with consistently changing number patterns.
Moving forward, hedge funds and investment management firms will need to be aware of the importance of implementing security measures, such as multifactor authentication, for their firms. To learn more about cybersecurity planning, visit our security page.