Since the world went remote in response to COVID19, companies are more vulnerable than ever and attacks are up by 667%. The main way attackers try and succeed at getting in is by phishing and social engineering employee accounts (81% of successful attacks). Organizations are fighting back by protecting employee accounts with two-factor, or multi-factor authentication (2FA / MFA) where employees need their phone as well as their password to gain access: type in your password, get a text or a popup, respond, and your in. This is effective at stopping attacks but can be hard on employees. For example, what happens when an employee inevitably loses their phone? Check out the demo below to see how TWOSENSE.AI helps teams with this:
This is a big problem for our customers TWOSENSE.AI, so we have been digging in. Here’s what usually happens when an employee loses their phone in an Uber, drops it in the toilet, or it’s lifted out of their pocket in Times Square. When their session expires, they’re blocked because they don’t have their 2nd-factor device. After struggling for a while (this can be very frustrating) the first helpdesk ticket is created. IT usually will have a way to allow a user in, e.g. with one-time access, or over-the-phone TOTPs. By now though, we’ve lost a day of work on the employee’s side and an hour or two at the helpdesk. Now after a day or so they get their replacement phone, and the inevitable second helpdesk ticket is created: “I’m locked out and need a 2nd factor to enroll my new second factor. Can you help?” Here the team goes through a second cycle of IT and the employee working together to solve the problem.
While this may only happen rarely for each employee, statistically 1 in 20 employees will lose a device every year. This means that this is a terrible few days for the employee, but an ongoing nightmare for the helpdesk, sucking time, budget, and resources. In fact, 40% of IT helpdesk tickets are related to access, so they are jammed and clogged with these types of requests. At TWOSENSE.AI, we’ve been working hard to automate identity security instead of relying on user and helpdesk effort. With TWOSENSE.AI, users are able to get and maintain access securely even without their 2FA device. When they get their replacement phone, they can use TWOSENSE.AI to enroll that new device in a few seconds, themselves without needing to involve the helpdesk at all.
Our customers are really excited about this and other benefits of adding TWOSENSE.AI’s continuous authentication to their identity security stack. If you’d like to make that demo part of your workday, and give your employees and IT a break from the drudgery of MFA, reach out to us.