Lloyd's updates its password policy


Lloyd's has moved to make access to its applications more secure by updating the Market's password policy and enabling multi-factor authentication (MFA)

Lloyd’s has moved to make access to its applications more secure by updating the Market’s password policy and enabling multi-factor authentication (MFA). MFA adds a layer of protection to the sign-in process.

When accessing accounts or applications, users are required to provide additional identity verification using the Microsoft Authenticator app. MFA will be enabled for all Lloyd’s applications accessed by the Market and all Lloyd’s applications hosted by LIMOSS Single Sign On. MFA is already enabled for Secure Share, while the measure will apply to Market-facing applications from November 30, 2022.

Additional identity verification will be required for Market Data Collection and SharePoint Online services on the first of December 2022. As for passwords, users of Lloyd’s applications will be prompted to change them on January 18, 2023. The new password length will be at least 15 characters, up from 12 currently.

In October 2022, Lloyd’s had to conduct a cybersecurity investigation after detecting unusual activity on its network. No evidence of any compromise was found at the time. Multi-factor authentication The main benefit of MFA is it will improve an organisation's security by requiring users to identify themselves by more than a username and password.

While important, usernames and passwords are vulnerable to brute force attacks and can be stolen by third parties. Enforcing the use of an MFA factor like a thumbprint or physical hardware key means increased confidence that the organisation will stay safe from cyber criminals. MFA works by requiring additional verification information.

One of the most common MFA factors that users encounter are one-time passwords (OTP). OTPs are those 4-8 digit codes that are often received via email, SMS or some sort of mobile app. With OTPs, a new code is generated periodically or each time an authentication request is submitted.

The code is generated based upon a seed value that is assigned to the user when they first register and some other factor which could simply be a counter that is incremented or a time value. Lloyd’s improvements on security In July 2022, Lloyd’s has announced a collaboration with the global identity verification and fraud prevention platform iDenfy to add an extra layer of security when handling online data. The selected Technology Errors and Omissions Coverage insurance provides technology performance and protection from potential technology failures.

As iDenfy works in a risky field and manages sensitive data, it requires an extra layer of protection, which is why it decided to benefit from cybersecurity insurance and partnered with Lloyd’s. At the same time, Lloyd’s is one of the biggest insurance platforms and it is known for its wide range of specialists. Part of the company’s available capital is based on subscription, which means Lloyd’s underwriters come together with syndicates to mitigate risks and programmes.

iDenfy’s chosen cybersecurity plan from Lloyd’s includes access to a professional Claims Department and an in-house legal team that provides 24/7 support. .


Nov 25, 2022 11:07
Original link