The Importance of Two-Factor Authentication (Is Your Business Secure?)
With security breaches, digital crime and internet fraud on the rise, the importance of two factor authentication is real. Most of the recent breaches have been password related. Yes, this includes the highly talked about celebrity iCloud photo leak, the password security breach for DropBox, and the United States Postal Service has even fallen victim.
If big name companies, and celebrities can be targets of data breaches, what is to stop this from happening to you?
One way is to ensure the use of two-factor authentication (2FA), which requires two steps in the verification process, making the act of stealing your information twice as difficult.
The basic requirement principles of 2FA involve three different forms to identify and authenticate; these are something you know, something you have, and something you are. Something you know could be a username and password, something you have is a possession, and something you are could be facial recognition, a fingerprint or an eye scan.
More Common Than You Think
The importance of two factor authentication is apparent when it comes to valuable data and/or finances. Most individuals may not realize that using the ATM or online banking requires two-factor authentication.
The ATM demands the PIN that you know and the ATM card that you have. Online banking asks for a username and password, and then usually proceeds in wanting a verification code that is sent through either email or text.
There are a couple of challenges that businesses have faced when implementing 2FA. Some companies do not possess the infrastructure to support it, causing the initial process to become a little more involved when acquiring the necessary infrastructure. It is also difficult to gain, within the company, the expertise of someone who truly knows how to setup 2FA, understands the security component, and makes sure it is working properly.
The biggest issue, however, is getting the employees, or end users, to understand why 2FA is important. This cultural change can mean the difference between it running smoothly, and a total lack of valuing the benefits. With no perceived value, usually follows the failure of the process. One company that has handled this very well is Cook Security Group of Portland. They have established 2FA for every one of their employees that needs access to the company’s sensitive data systems. The authentication system requires a username and password, and then prompts the user for a verification code that is sent from the system to the user’s cellphone; all are phones were provided from the company directly.
What Happens if They Lose the Cellphone?
This is a major concern for companies that have their employees accessing sensitive information on a mobile device. With 2FA, this is no longer a problem. Here are a few safeguards in place to make it easy to address this issue in a timely manner:
- Remotely wipe the device and reset it to factory
- Disable the user account and active directory
- Disable the authentication in the two-factor system itself
Is it a Huge Time Suck?
As technology grows, the quicker and easier two-factor authentication can be implemented. Many vendors take as little as two seconds to transfer the verification code to the cellphone needed. If 2FA is setup properly, the verification is only a one-time thing that will take approximately ten minutes.
Make it harder for identity theft and phishing via email to happen to you. How? If you’re trying to figure out how to determine a phishing email from real, 2FA is one way to help.
If you require cyber criminals to gain more information than just your username and password, it’s more difficult for them. Privacy is becoming more and more of an issue as technology grows, and skipping 2FA is no longer an option. The importance of two factor authentication should be obvious now.
Take the time do this simple, ten minute process.