All business owners understand the importance of keeping staff computers and devices safe, and we’ve looked at why it’s a good idea to have a clear policy around password setting and sharing.
However, if you want to improve your security, you should consider implementing two-factor authentication.
What is two-factor authentication?
Two-factor authentication, also known as 2FA, is a way of adding extra protection to any service which requires a username and password to access it.
There are different types of 2FA, and you should think carefully about which is most appropriate for your business, and how best to implement it. If you have a third-party IT support partner, ask them for their advice.
Whichever type you choose, some things will be the same. The system asks for a username and a password, which should be memorable to the person but not too simple. After they’ve successfully entered both of those, they will then be asked to perform an additional action to verify themselves - usually a code that is generated from an additional service such as a mobile phone.
You’ll be used to doing this with your bank and their card readers like the ones that Barclays use, for example, and you may also have this set up on your Google accounts using Google authenticator.
Most services now have 2fa available to be configured.
If a mobile phone isn't suitable, hardware tokens can be carried by the user and will generate a numeric code in the same way as the phone will. However, if you have a lot of employees, issuing them all with a token could be costly. There is also the danger that they could be lost, misplaced or stolen.
Tokens can also be connected to each machine you have, with the user required to swipe a card or similar.
Why should your business use 2FA?
Unfortunately, most server breaches are down to human error. This can often be as simple as sharing a password, using the same one all the time and only changing one digit, or choosing something easy for a hacker to guess.
If a user does have their password compromised then this extra line of defence will stop the attacker as they will not have access to the device generating the code.
Cyber criminals are using increasingly sophisticated methods to gain access to systems and introduce malware or other spam. The rise in the use of cloud storage also makes your data more vulnerable to outside attacks, and if you use public or shared cloud storage, you can also suffer a data breach so should consider enabling 2fa on all of your services.
The more secure your information, the better. Email or data hosting services being compromised is a major risk to the future of your business – you may lose clients if their information is breached, and a cyber attack might put off new customers from choosing to work with you.
Our experienced team can help answer any questions you have about the use of 2fa, so why not contact them today, they would be only too happy to help.