An alarming number of employees put themselves and their company at risk every day. How? By using weak passwords to access company data, software, and devices. As cybercriminals become savvier, even a password you think is strong may not be enough to keep out unauthorized individuals.
We’ve talked about two-factor authentication before in regards to keeping your email safe and secure. As time goes on though it’s becoming more and more important to follow these practices with everything, not just your email.
What is Two-Factor Authentication?
Two-factor authentication (2FA), or multi-factor authentication (MFA) as it’s increasingly known, is an easy way to add another layer of protection between your important and often confidential data and cybercriminals. In addition to your current passwords, a secondary identity verification is required to gain access. There are a number of different systems your company can utilize to achieve this, and most can be set up to work in conjunction with the security protocols you have in place already.
Some of the more popular forms of secondary verification are:
- Automated phone calls
- PIN codes sent via text message
- Smartphone apps
- Physical security tokens
Automated phone calls and text pin codes are pretty self-explanatory, in that all this form of verification requires is you to answer a phone call or input a PIN that has been texted to your mobile device after putting in your password.
For smartphone apps, one of the most popular is “Google Authenticator”. It’s free and was really the original authentication app for the masses. Once setup, it produces a new one-time passcode every minute or so that needs to be entered alongside a password as an additional layer proving that you are who you say you are. Through the magic of the algorithm embedded in the app, it can even do this without any connectivity meaning that you aren’t locked out even if your mobile device doesn’t have a signal.
Security tokens work essentially like Google Authenticator except that it is a physical device that generates the one-time passcode you need to log-in. Another difference between this and a smartphone app is that these physical devices generally have a separate, static password or PIN that you have to input before it will provide you with the auto-generated login passcode that you need, preventing against loss or theft of the physical token.
These days, MFA is increasingly easy to implement on login accounts, ensuring that data stored on your own devices, a corporate network, or in a cloud-based application has an extra layer of security against those who may compromise your simple password login.
A multi-factor login system may seem like a daunting thing to implement, and indeed the backend systems required to make such things work can be complex. But with most cloud-based services and email providers supporting MFA “out of the box”, there is little reason not to use it wherever possible. For your existing business infrastructure that may require some more sophisticated setup, call in an expert like IT Freedom. It may be easier and cheaper than you expect to do one of the most effective things out there to protect yourself from the rising tide of information crime.
At IT Freedom, we have become experts in sophisticated security measures via our work protecting our own infrastructure and that of our clients. If you have any questions, or would like to see how multi-factor authentication could work in your business, give us a call!