January 26, 2017 - Security
By Chris Luehmann and Holly Read
Construction executives have access to a litany of sensitive information. The need for security measures is high. Security is an ever-evolving industry; it has made leaps and bounds from proximal security, like a security guard or someone standing outside a door, to two-factor authentication (2FA). It is important to know how security is defined, the strengths and weaknesses of each method, and how to layer 2FA for the best solution. The progression from a physical key to 2FA has been a substantial one and can benefit the construction industry.
The first form of security is based on who you are. Your identity is verified by recognition from those around you, a security guard or receptionist at your office, as opposed to keys or passwords.
A second form of security is something you have, for example a key to get into your office or desk. This security option is not specific to the user, unlike the others. This type only checks for whomever has the key to unlock the secured area, rather than relying on something of the individual.
A third form of security is what you know. These are primarily in the forms of passwords or access codes required to enter a building or computer system. This method is easily changed.
These forms of security are still used to this day, but how have they evolved?
Proximal security methods have taken the journey through barred doors with spoken passwords, physical keys, mechanical number pads, digital number pads, access card scanners, smart cards, and finally to modern biometrics. The benefit of proximal security methods is as valid today as it has ever been. Today we combine a couple of methods and form two factor authentication.
Not all combinations will be optimal; however we have a couple you will recognize: digital number pad and a receptionist to access an office, and access card scanner and security guard to access a parking garage.
While each security system has been improved through the years, each form of security has its own set of benefits and detriments. The goal of two-factor authentication is to have the strengths of one form to cover the weaknesses of the other. What if your email is hacked and an assailant knows your passwords? In this case, a two-factor authentication app on your phone would require you to physically have your phone and type in a code in order to get into your system. This is why each of the two-factors for 2FA should be of different security types, so one type’s strengths cover the weakness of the next. Security is a balancing act between the complexity of the solution and the level of security required. This goes for physical security as well as digital security.
Construction executives often travel with some type of device that allows them to access a job site’s plan and more. It is important that the plans are securely accessed to protect the investor and integrity of the job. Two-factor authentication gives construction executives the ability to have a more secure way of ensuring that only those who need access have it, whether that be to an important file or for a physical location.
Chris Luehmann and Holly Read are part of Bennett Thrasher’s Technology Services team, which guides construction businesses with services that deliver the IT infrastructure needed to operate. Luehmann can be reached at chris.luehmann@bttechnology.net. Read can be reached at holly.read@bttechnology.net.
