
Chuck Fields

What multi-factor authentication is and why you need to enforce it NOW to keep from getting hacked

(This is also available as an OnlineCoffeeBreak.com podcast)

We need to discuss the importance of multi-factor authentication to protect yourself and your business from hackers. It seems lately that there’s a large-scale security breach on the news just about every week. From 3 billion Yahoo accounts to half the U.S. population affected by the Equifax breach, we’ve seen major companies take a hit in the last 12 months. Keeping yourself and your company protected is getting harder. And unfortunately, hacking is on the rise. But there are steps you can take to guard against it. Today we’re going to discuss multi-factor authentication and how implementing it can help keep your information safe:

 

  1. What is multi-factor authentication
  2. Adopt it for yourself
  3. Mandate it for your team

 

  1. What is multi-factor authentication?

You may have heard the term two-factor (or two-step) authentication, also known as 2FA. That’s a method of confirming a user’s identity by using a combination of two different components. An example of this is when a person withdraws money from an ATM. They insert their bank card (something they have, or “possession”), but then have to enter their PIN (something they know).

So 2FA requires two components: 1) something the user has and 2) something they know.

Most of us are quite familiar with two-factor authentication. For example, typically when logging on to your bank app for the first time from a computer you’ll have a verification code sent to your mobile phone. Then of course you’ll have to enter that code in order to complete the login process.

Another example occurs when using an email service such as Google’s Gmail. If you try logging in to Gmail on a computer you’ve never used before, you’ll have to request a verification code, sent either as a text to your phone or as a phone call, to confirm your identity. This is a great way to ensure that you are the right person to have access to the account.

Imagine if all you needed was just a password or PIN. All it would take is for a hacker to guess or steal your password and they would have complete access to your account. By requiring the extra step of something a user has in their possession, such as their mobile phone, you’re able to increase the security of your account. Even if your password is stolen, a hacker wouldn’t be able to get into your account without access to your phone. Furthermore, you would receive a notification on your phone informing you that someone else is trying to get into your account. So at this point you could change your password and, if needed, contact the service provider to let them know someone is trying to target your account.
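The server-side check behind such a verification code, sketched as an added example (it is not from the original article or from any provider's code): a code that is random, expires, allows only a few guesses and works once, so a stolen password alone never completes a login. The class and function names, the 5-minute lifetime and the 3-guess limit are assumptions chosen for illustration.

```python
import hmac
import secrets
import time

CODE_TTL_SECONDS = 300  # assumption: a code is valid for 5 minutes
MAX_ATTEMPTS = 3        # assumption: guesses allowed per issued code


class PhoneCodeCheck:
    """Second factor: a one-time code delivered to the user's phone."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._pending = {}  # username -> [code, expires_at, attempts_left]

    def issue(self, username):
        code = f"{secrets.randbelow(10**6):06d}"  # 6 digits from a CSPRNG
        self._pending[username] = [code, self._clock() + CODE_TTL_SECONDS, MAX_ATTEMPTS]
        return code  # a real service passes this to its SMS or voice provider

    def verify(self, username, submitted):
        entry = self._pending.get(username)
        if entry is None:
            return False  # nothing issued, or the code was already used
        code, expires_at, attempts_left = entry
        if self._clock() > expires_at or attempts_left <= 0:
            del self._pending[username]  # expired or guessed too often
            return False
        entry[2] -= 1  # every guess, right or wrong, uses up one attempt
        if hmac.compare_digest(submitted.encode(), code.encode()):
            del self._pending[username]  # single use: a replayed code fails
            return True
        return False


def login(password_ok, checker, username, submitted_code):
    """Grant access only when both factors pass."""
    if not password_ok:  # password_ok: outcome of the normal password check
        return False
    return checker.verify(username, submitted_code)


if __name__ == "__main__":
    checker = PhoneCodeCheck()
    sent = checker.issue("alice")  # constructed sample user
    print("password only:", login(True, checker, "alice", ""))
    print("password + code:", login(True, checker, "alice", sent))
```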

2FA is a type of multi-factor authentication. 2FA just requires two different components. Multi-factor authentication is simply a method of computer access control that grants a user access as long as they present evidence in at least two of the following categories: 1) something they have, 2) something they know, or 3) something they are (also called inherence).

So what is inherence? These are usually biometric methods, including fingerprint readers, voice recognition and retina scanners.

Lots of phones lately have been venturing into the new age of biometric methods, especially fingerprint readers. The iPhone 10 has received much attention recently with its facial recognition, although some of the media coverage hasn’t been as flattering due to some difficulty in distinguishing between family members in a small number of cases. Of course, as technology evolves, it will certainly get better at facial recognition over time.

So now that you know what multi-factor authentication is, what’s next?

 

  2. Adopt it for yourself—Now!

If you haven’t yet used 2FA for all of your accounts, you need to—RIGHT NOW! It’s not worth the risk of having just a single entry password into your important accounts. Your weakest link could open you up to a hack attempt that could easily steal your identity with a single keystroke.

Just a few months ago I had a person contact me after they realized their email was hacked. This created hours of frustration for them as they struggled to get back online, but it could have easily been avoided had they turned on 2FA in the first place.

So how do you turn on two-factor authentication? For email such as Gmail or Office 365, it’s relatively simple: you go to your account and turn it on. Or you might have to contact your account administrator to turn on 2FA. I’ve attached links below to get you started:

Gmail: https://support.google.com/accounts/answer/185839?hl=en

Office 365: https://support.office.com/en-us/article/Set-up-multi-factor-authentication-for-Office-365-users-8f0454b2-f51a-4d9c-bcde-2c48e41621c6

If you have another email system, just contact your administrator. Now if you’re extremely concerned and want to take it a step further, Google is now offering an Advanced Protection Program that helps guard even more with two security keys: one is a Bluetooth key and the other is a USB key. This is a special program that is geared towards those most at risk of targeted attacks, such as journalists, business leaders and political campaign teams.

Google's Advanced Protection Program: https://landing.google.com/advancedprotection/

After adopting multi-factor authentication for yourself, you need to move on to step #3:

 

  3. Mandate it for your team

It takes a lot of time to get an account back into a workable state after it’s been hacked. Not to mention, a hacked account at your company can leave your business vulnerable, depending on what information was compromised. With that in mind, you need to mandate multi-factor authentication for all of your team members. Again, it’s not hard to turn on at least 2FA so that your team is better protected against hackers who may be targeting your company or personnel.

Every day you delay just puts your team at greater risk for being hacked. As we’ve seen in the last 12 months alone, hackers haven’t slowed down. They’ve increased their efforts which means you need to increase your efforts at stopping them. Don’t let your business be yet another in the news for a data breach.

Now to recap, we discussed multi-factor authentication today, along with what two-factor authentication is and why it’s important to implement it immediately for yourself and your team.

You have to stay diligent these days to protect your accounts and your company. So turn on 2FA today and stay on top of the latest trends to keep your information safe in the digital age.

I hope you’ll find these tips helpful for keeping hackers at bay and protecting your accounts. If you know someone else who could benefit from this information, please share this with them.
