Background
In 2023, a leading public sector education institution faced escalating cybersecurity threats, including sophisticated spear phishing attacks. To enhance information security and user authentication, they sought a robust Multi-Factor Authentication (MFA) solution, opting for the security of Passkeys and FIDO2 Security Keys.
Challenges
- Phishing Attacks: The education sector experienced a significant rise in phishing incidents, accounting for 36% of all breaches in 2023. These attacks threatened to compromise user credentials and data integrity.
- User Resistance: Staff hesitated to use personal devices for work, and limited distribution of institution-issued devices posed adoption challenges.
- Device Management: The institution aimed to minimize the complexity of managing additional hardware, seeking a solution that reduced administrative burdens.
The Road to FIDO: Enhancing User Experience
After evaluating various MFA/2FA methods, the institution selected FIDO Authentication for its seamless integration with existing systems. Thetis.io’s FIDO Authentication was chosen for providing a secure and user-friendly experience without requiring additional devices like HID cards, which were incompatible with computer access.
Solution
The institution implemented FIDO2 as a second-factor authentication method, opting for Thetis.io’s FIDO2 Dual-Port Security Keys. These keys adhere to FIDO2 standards and support multiple connection methods (USB A, USB C, NFC), ensuring robust security and ease of use across various devices.
Use Cases
- FIDO2 Security Keys: Used for secure access to sensitive educational data, these keys enabled staff to authenticate without complex passwords, reducing phishing risks. Explore FIDO2 security keys.
- Biometric Keys: Integrated fingerprint recognition streamlined login processes for faculty and staff, providing quick and secure access to digital resources. Learn more about Biometric Keys.
- Contactless Keys: NFC-enabled keys facilitated easy authentication for students accessing campus services, enhancing convenience and security. Check out our contactless solutions.
Implementation Process
1. Needs Analysis:
- Conducted a comprehensive assessment of security vulnerabilities and identified critical requirements tailored to educational environments.
2. Supplier Selection:
- Chose Thetis.io for its FIDO2-compliant solutions, ensuring broad compatibility and robust support across educational settings. Inquire about enterprise-level cooperation.
3. Technical Integration:
- Integrated FIDO2 technology into existing systems, adjusting backend and frontend interfaces tailored for educational software and platforms.
- Conducted rigorous testing to ensure system stability, security, and user satisfaction.
4. User Training and Promotion:
- Provided detailed guides, email campaigns, and online tutorials to educate users on the new system, emphasizing ease of use and security benefits.
- Offered ongoing support to ensure a smooth transition to passwordless authentication, with dedicated sessions for IT staff and educators. Access training materials.
Results and Impact
- Enhanced Security: The new system significantly reduced phishing-related breaches and unauthorized access incidents, with reports showing a 50% decrease in such incidents where FIDO2 solutions are implemented.
- User Confidence: Faculty and staff reported increased trust in the institution’s digital security measures, enhancing overall confidence and engagement.
- Improved User Experience: Streamlined login processes reduced login times, resulting in higher user satisfaction and engagement, allowing educators to focus more on teaching rather than technical issues.
Lessons Learned
- Continuous Improvement: Regular updates and feedback are essential for maintaining high security standards and addressing new threats, especially in rapidly evolving digital learning environments.
- Effective User Education: Clear communication and thorough training are critical for a successful transition to new security systems, ensuring that all users understand and trust the new authentication process.
Due to client confidentiality agreements, specific data has been withheld. This report has been reviewed and approved for publication by our collaborating partners. For more information on how Thetis.io can enhance your organization’s security with our cutting-edge solutions, contact us today!