Picture this scenario. John, in your accounting department, regularly accesses personal client and staff data like bank account information and social security numbers. He uses the same password on all accounts because it’s easy to remember and has been his password for years.
All a cybercriminal needs to do is obtain John’s username and password from the Dark Web to steal all the personal data in your system. If the breach is made public, your reputation and business could be ruined.
Are you willing to place the security of your company in a weak password? We aren’t, which is why we recommend business owners use 2-factor authentication on all primary applications. Check out the Q&A below to see how this simple security tool can help you sleep a little better at night, knowing you’re preventing attacks.
Q: What is 2-Factor Authentication?
2-factor authentication is a security measure you add to the login process to safeguard your organization. After you enter your username and password (1 factor) you’re asked for a second way to confirm your identity before you can access the account. The extra step introduces a layer of complexity and security in case your password is compromised.
Q: How Do I Get the Code?
Codes can be sent as text messages or generated within smartphone apps or on key fobs. Generated codes expire within a certain amount of time and on key fobs change every 10 or 15 seconds.
On-Site Tip: Even if you don’t want to use a key fob as your primary 2-factor method, it’s a good backup. There could be times when you have poor service or your phone is broken and you can’t access it for the code. If you have a key fob, you’ll still be able to access your business applications. However, you need to take care of the fob and be sure you don’t lose it.
Q: What Are the Benefits for Small Businesses?
Two-factor authentication is one of the easiest, most cost-effective security measures businesses can implement. Bonus: when it is included in software, like Office 365, it won’t cost you anything to turn on.
If it’s not included, think about what the information is worth. Do you want cybercriminals to be able to easily access your accounting software? Ask what each application is worth to you to identify which need another layer of security.
Q: How Do I Get Started with 2-Factor Authentication?
Some applications, like Office 365, have 2-factor authentication built in and you can turn this feature on. Others require third-party software.
You may experience pushback if your team thinks 2-factor authentication is a time-consuming extra step. But, you need to enforce the policy. Cybercriminals are always looking for opportunities and you need to do everything you can to keep your data and money safe. Your employees will quickly get used to the process.
Q: Is It Possible I Could Be Hacked with 2-Factor Authentication Enabled?
Yes. Nothing is absolutely safe. You need to think about the motivations of the cybercriminal. Obtaining the credentials of a person who has used the same password for 5 years is relatively easy. Cracking 2-factor authentication is harder. It can be done, but probably isn’t worth the hacker’s time.
Remain vigilant to stay secure
There are threats 2-factor authentication can’t mitigate. You could have the latest security tools available but, if you invite a hacker in by replying to a phishing email, those precautions won’t matter. One piece of advice we give organizations is: never verify requests over email – especially when money is involved. Pick up the phone or go see the person and check before replying.
Q: Can I Use a Weak Password If I Have 2-factor Authentication?
No, 2-factor authentication is meant to provide an additional safeguard for your business. Ineffective or old passwords weaken the security chain. You need to combine multiple security layers into a comprehensive strategy.
Q: Which is More Secure – 2-factor Authentication or Biometrics?
Both are effective. You should choose the most convenient method for you. Either way, you’ll have added another layer to keep your organization secure and safe.
Take a Comprehensive Approach to Security
Cybercriminals are always looking for new ways to access your data, and there is no single tool you can use to thwart every method. To truly protect your business, you need to apply a mix of innovative tools, physical safeguards and common sense. Two-factor authentication is one of the most cost-effective methods you can employ.
Contact us to talk about which safeguards will increase your security profile.
Mike Bowe | Published on August 26, 2019