BOOK AN APPOINTMENT WITH AN IT SPECIALIST TODAY

What You Need to Know About Two Factor Authentication

Everything You Should Know About Two Factor Authentication

Does your business use 2FA? With the prevalence of data breaches today, it’s time to start employing this simple security feature within your business.  


Without a doubt, you’ve read and heard about the rampant cybersecurity problems that are insidiously plaguing businesses today. Municipalities in places like Florida, South Carolina, and elsewhere are having access to their systems denied unless they pay hundreds of thousands of dollars. Businesses of all sizes and in all industries are being shut out of their data until they do the same.

As a business owner or manager yourself, you are probably concerned about whether your organization will fall victim to the same fate. What can you do to prevent a cybersecurity attack?

You may be surprised to know that the fate of your business’s security probably lies within a straightforward thing that you and all of your coworkers and employees use every day: passwords.

The fact of the matter is that most people in your business are putting your data and systems at risk every day with the weak login credentials they use. That is, many people use the same password for all of their accounts — both personal and business related. Furthermore, many people use passwords that are way too simple and easy to guess by hackers — the name of the street that they live on, the name of their pet, their date of birth, or their anniversary date.

It’s hard to stop people from doing this because most employees don’t think that their password really matters. They assume that it will never be guessed by anyone (how could it be?), and as long as they don’t share it with anyone, it’s good enough to keep would-be cybercriminals at bay.

Unfortunately, this is not the case.

The only way to indeed keep hackers from guessing passwords or using high-tech trial and error algorithms to uncover passwords is to use two-factor authentication, also known as 2FA.

What Is 2FA?

2FA or two-factor authentication is a security system that forces users to have two proofs of identity before they can log in to a database, program, computer, or network. This is a system that you should be using at home and within your business.

As the name implies, there are two elements of two-factor authentication. First, the user must provide something they know. This could be a password or passcode, a pin number, or the answer to a secret question.

Next, the user must provide proof of something they have. For example, the two-factor authentication prompt may ask that the individual put in their credit card number (because their credit card number is something they possess). Likewise, some organizations will give each individual employee a security token that actually stays in their possession. This might be an RSA security device, a Google Authenticator, or something else. This device will be activated when prompted during login and will provide a passcode or pin that changes frequently. Another option is biometric authentication, such as an iris scan, voiceprint, or fingerprint.

Has Your IT Services Company Spoken to You About 2FA?

As the owner or manager of your business, it shouldn’t be your responsibility to ensure the security of your sensitive data and network systems. This responsibility falls on the shoulders of your IT services company, and within their security division, one of the pillars of a robust cybersecurity strategy should be two-factor authentication.

If your IT services company has not spoken to you about employing a two-factor authentication system, don’t wait to ask them about it. The foundational necessity of this simple security measure suggests that if they haven’t already employed it, they’re probably not doing their job in other ways.

In that case, it’s time to find a new managed services provider. Give us a call, send us an email, or visit our website today to learn how we can help.

Two Factor Authentication

More Like This

AA22-138B: Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control

Original release date: May 18, 2022 Summary The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this Cybersecurity Advisory (CSA) to warn organizations that malicious cyber actors, likely advanced persistent threat (APT) actors, are exploiting CVE-2022-22954 and CVE-2022-22960 separately and in combination. These vulnerabilities affect certain versions of VMware Workspace ONE Access, VMware Identity Manager …

AA22-138B: Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control Read More »

Read More

AA22-138A: Threat Actors Exploiting F5 BIG-IP CVE-2022-1388

Original release date: May 18, 2022 Summary Actions for administrators to take today: • Do not expose management interfaces to the internet. • Enforce multi-factor authentication. • Consider using CISA’s Cyber Hygiene Services. The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) are releasing this joint Cybersecurity Advisory …

AA22-138A: Threat Actors Exploiting F5 BIG-IP CVE-2022-1388 Read More »

Read More

AA22-137A: Weak Security Controls and Practices Routinely Exploited for Initial Access

Original release date: May 17, 2022 Summary Best Practices to Protect Your Systems: • Control access. • Harden Credentials. • Establish centralized log management. • Use antivirus solutions. • Employ detection tools. • Operate services exposed on internet-accessible hosts with secure configurations. • Keep software updated. Cyber actors routinely exploit poor security configurations (either misconfigured …

AA22-137A: Weak Security Controls and Practices Routinely Exploited for Initial Access Read More »

Read More

157-Year-Old Lincoln College Succumbed To A Ransomware Attack

157-Year-Old Lincoln College Succumbed To A Ransomware Attack On May 13th, 2022, a college that has remained open through two world wars, the 1918 Spanish flu epidemic, and the Great Depression will close its doors. The college has been struggling to stay afloat in recent years, and the coronavirus pandemic and a recent ransomware attack …

157-Year-Old Lincoln College Succumbed To A Ransomware Attack Read More »

Read More

AA22-131A: Protecting Against Cyber Threats to Managed Service Providers and their Customers

Original release date: May 11, 2022 Summary Tactical actions for MSPs and their customers to take today: • Identify and disable accounts that are no longer in use. • Enforce MFA on MSP accounts that access the customer environment and monitor for unexplained failed authentication. • Ensure MSP-customer contracts transparently identify ownership of ICT security …

AA22-131A: Protecting Against Cyber Threats to Managed Service Providers and their Customers Read More »

Read More

Zero Trust Networks: What Are They?

Zero Trust Networks: What Are They? The internet has brought a world of opportunity for businesses. It is easy for companies to reach out to consumers and offer them products or services without a physical storefront. However, this also opens businesses up to the risk of data breaches and cyber attacks. Cyber attacks can be …

Zero Trust Networks: What Are They? Read More »

Read More