{"id":37,"date":"2025-10-30T13:10:27","date_gmt":"2025-10-30T10:10:27","guid":{"rendered":"https:\/\/deomis.com\/blog\/?p=37"},"modified":"2025-10-30T13:10:27","modified_gmt":"2025-10-30T10:10:27","slug":"sifreniz-kirik-bir-kilit-gibidir-modern-guvenligin-cevabi-duo-mfa","status":"publish","type":"post","link":"https:\/\/deomis.com\/blog\/sifreniz-kirik-bir-kilit-gibidir-modern-guvenligin-cevabi-duo-mfa\/","title":{"rendered":"\u015eifreniz K\u0131r\u0131k Bir Kilit Gibidir. Modern G\u00fcvenli\u011fin Cevab\u0131: Duo MFA"},"content":{"rendered":"\n

Finans departman\u0131n\u0131zdaki bir \u00e7al\u0131\u015fan, sabah kahvesini yudumlarken “BT Departman\u0131’ndan Gelen Acil G\u00fcvenlik Uyar\u0131s\u0131” ba\u015fl\u0131kl\u0131 bir e-posta al\u0131r. Linke t\u0131klar, her zamanki gibi g\u00f6r\u00fcnen Microsoft 365 giri\u015f ekran\u0131na \u015fifresini yazar ve \u00e7al\u0131\u015fmaya devam eder. Hi\u00e7bir \u015fey olmam\u0131\u015ft\u0131r.<\/p>\n\n\n\n

Asl\u0131nda her \u015fey olmu\u015ftur. O an, bir siber sald\u0131rgan \u015firketinizin en kritik verilerine eri\u015fim sa\u011flayan bir anahtar\u0131 kopyalam\u0131\u015ft\u0131r.<\/p>\n\n\n\n

Bu senaryo size tan\u0131d\u0131k geliyorsa, siber g\u00fcvenli\u011fin en temel ger\u00e7e\u011fiyle y\u00fczle\u015fme vaktiniz gelmi\u015f demektir: Parolalar art\u0131k tek ba\u015f\u0131na yeterli de\u011fil. Hatta en b\u00fcy\u00fck g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131z haline geldiler.<\/strong><\/p>\n\n\n\n

Parola Paradoksu: Neden En G\u00fc\u00e7l\u00fc \u015eifre Bile Zay\u0131ft\u0131r?<\/strong><\/h4>\n\n\n\n

IT ekipleri olarak y\u0131llard\u0131r kullan\u0131c\u0131lara daha karma\u015f\u0131k \u015fifreler kullanmalar\u0131n\u0131 s\u00f6yledik: “En az 12 karakter olsun, b\u00fcy\u00fck harf, k\u00fc\u00e7\u00fck harf, rakam, sembol i\u00e7ersin!” Peki bu i\u015fe yarad\u0131 m\u0131? Pek say\u0131lmaz. Karma\u015f\u0131k \u015fifreler unutulur, not ka\u011f\u0131tlar\u0131na yaz\u0131l\u0131r ve en \u00f6nemlisi, \u00e7al\u0131nd\u0131klar\u0131nda hi\u00e7bir anlamlar\u0131 kalmaz.<\/strong><\/p>\n\n\n\n

Yukar\u0131daki senaryoda \u00e7al\u0131\u015fan\u0131n \u015fifresinin ne kadar karma\u015f\u0131k oldu\u011funun hi\u00e7bir \u00f6nemi yoktur. \u00c7\u00fcnk\u00fc hackerlar art\u0131k \u015fifre k\u0131rmaya \u00e7al\u0131\u015fm\u0131yor; kullan\u0131c\u0131lar\u0131 kand\u0131rarak \u015fifrelerini kendi elleriyle vermelerini sa\u011fl\u0131yorlar.<\/strong> Buna “Phishing” veya “Oltalama” diyoruz ve g\u00fcn\u00fcm\u00fczdeki veri ihlallerinin bir numaral\u0131 sebebidir.<\/p>\n\n\n\n

Eski \u00c7\u00f6z\u00fcm Neden Yetersiz? SMS ile Gelen Kodlar<\/strong><\/h4>\n\n\n\n

“Bizde iki fakt\u00f6rl\u00fc kimlik do\u011frulama var, SMS ile kod geliyor” diyebilirsiniz. Bu, hi\u00e7 olmamas\u0131ndan iyidir, ancak bu y\u00f6ntem de art\u0131k eskidi. Hackerlar, “SIM Swapping” ad\u0131 verilen y\u00f6ntemlerle telefon numaran\u0131z\u0131 ele ge\u00e7irip SMS kodlar\u0131n\u0131 kendilerine y\u00f6nlendirebiliyorlar. K\u0131sacas\u0131, kalenizin kap\u0131s\u0131na ikinci bir ah\u015fap kilit takmak gibi; biraz daha g\u00fcvenli ama hala k\u0131r\u0131labiliyor.<\/p>\n\n\n\n

Modern \u00c7\u00f6z\u00fcm: “Asla G\u00fcvenme, Her Zaman Do\u011frula” (Zero Trust) ve Duo MFA<\/strong><\/h4>\n\n\n\n

Modern siber g\u00fcvenlik, “S\u0131f\u0131r G\u00fcven” (Zero Trust)<\/strong> ad\u0131n\u0131 verdi\u011fimiz basit ama g\u00fc\u00e7l\u00fc bir prensibe dayan\u0131r: A\u011f\u0131n i\u00e7inden veya d\u0131\u015f\u0131ndan gelsin, her eri\u015fim talebi \u015f\u00fcphelidir ve do\u011frulanmal\u0131d\u0131r.<\/p>\n\n\n\n

\u0130\u015fte Cisco Duo Security<\/strong>, bu felsefeyi hayata ge\u00e7iren en kullan\u0131c\u0131 dostu ve en etkili ara\u00e7t\u0131r. Duo, bir kullan\u0131c\u0131n\u0131n sadece “bildi\u011fi bir \u015feye” (parola) de\u011fil, ayn\u0131 zamanda “sahip oldu\u011fu bir \u015feye” (genellikle cep telefonu) dayanan \u00c7ok Fakt\u00f6rl\u00fc Kimlik Do\u011frulama (Multi-Factor Authentication – MFA)<\/strong> sa\u011flar.<\/p>\n\n\n\n

Peki Duo bunu nas\u0131l yapar ve neden farkl\u0131d\u0131r?<\/p>\n\n\n\n

    \n
  1. Tek Dokunu\u015fla Onay:<\/strong> Kullan\u0131c\u0131 \u015fifresini girdikten sonra, telefonuna “Giri\u015f iste\u011fini onayl\u0131yor musunuz?” diye basit bir anl\u0131k bildirim (push notification) gelir. Kullan\u0131c\u0131 bildirime dokunur ve “Onayla”ya basar. SMS kodu girmekle, karma\u015f\u0131k say\u0131larla u\u011fra\u015fmakla vakit kaybetmez.<\/li>\n\n\n\n
  2. Cihaz Sa\u011fl\u0131\u011f\u0131 Kontrol\u00fc:<\/strong> Duo sadece “kimsin?” diye sormaz, ayn\u0131 zamanda “hangi cihazla ba\u011flan\u0131yorsun?” diye de sorar. E\u011fer \u00e7al\u0131\u015fan\u0131n ba\u011fland\u0131\u011f\u0131 bilgisayar\u0131n i\u015fletim sistemi g\u00fcncel de\u011filse veya g\u00fcvenlik yaz\u0131l\u0131m\u0131 eksikse, eri\u015fimi engelleyebilir. Bu, vir\u00fcsl\u00fc bir cihazdan a\u011f\u0131n\u0131za s\u0131z\u0131lmas\u0131n\u0131 \u00f6nler.<\/li>\n\n\n\n
  3. Geni\u015f Koruma:<\/strong> VPN, bulut uygulamalar\u0131 (Microsoft 365, Google Workspace), sunucu eri\u015fimleri… \u015eifre ile korunan neredeyse her sistemi Duo ile g\u00fcvence alt\u0131na alabilirsiniz.<\/li>\n<\/ol>\n\n\n\n

    Parola H\u0131rs\u0131zl\u0131\u011f\u0131n\u0131 \u0130mkans\u0131z Hale Getirin<\/strong><\/h4>\n\n\n\n

    Duo MFA devredeyken, oltalama sald\u0131r\u0131s\u0131yla \u015fifrenizi \u00e7alan bir hacker hi\u00e7bir \u015fey yapamaz. \u00c7\u00fcnk\u00fc \u015fifreyi girdikten sonra onay iste\u011fi, \u00e7al\u0131\u015fan\u0131n ger\u00e7ek telefonuna gider. Hacker’\u0131n elinde o telefon olmad\u0131\u011f\u0131 i\u00e7in, giri\u015f denemesi ba\u015far\u0131s\u0131z olur. Bu kadar basit ve bu kadar etkilidir.<\/p>\n","protected":false},"excerpt":{"rendered":"

    Finans departman\u0131n\u0131zdaki bir \u00e7al\u0131\u015fan, sabah kahvesini yudumlarken “BT Departman\u0131’ndan Gelen Acil G\u00fcvenlik Uyar\u0131s\u0131” ba\u015fl\u0131kl\u0131 bir e-posta al\u0131r. Linke t\u0131klar, her zamanki gibi g\u00f6r\u00fcnen Microsoft 365 giri\u015f ekran\u0131na \u015fifresini yazar ve \u00e7al\u0131\u015fmaya devam eder. Hi\u00e7bir \u015fey olmam\u0131\u015ft\u0131r. Asl\u0131nda her \u015fey olmu\u015ftur. O an, bir siber sald\u0131rgan \u015firketinizin en kritik verilerine eri\u015fim sa\u011flayan bir anahtar\u0131 kopyalam\u0131\u015ft\u0131r. Bu […]<\/p>\n","protected":false},"author":1,"featured_media":39,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1,5],"tags":[],"class_list":["post-37","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","category-duo-security"],"_links":{"self":[{"href":"https:\/\/deomis.com\/blog\/wp-json\/wp\/v2\/posts\/37","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/deomis.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/deomis.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/deomis.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/deomis.com\/blog\/wp-json\/wp\/v2\/comments?post=37"}],"version-history":[{"count":1,"href":"https:\/\/deomis.com\/blog\/wp-json\/wp\/v2\/posts\/37\/revisions"}],"predecessor-version":[{"id":38,"href":"https:\/\/deomis.com\/blog\/wp-json\/wp\/v2\/posts\/37\/revisions\/38"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/deomis.com\/blog\/wp-json\/wp\/v2\/media\/39"}],"wp:attachment":[{"href":"https:\/\/deomis.com\/blog\/wp-json\/wp\/v2\/media?parent=37"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/deomis.com\/blog\/wp-json\/wp\/v2\/categories?post=37"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/deomis.com\/blog\/wp-json\/wp\/v2\/tags?post=37"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}