Online criminals are more organised than ever. Often, passwords provide ineffective protection from their brute-force attacks and social engineering scams.
If passwords alone are inadequate, two-factor authentication can provide extra security to business services without making signing in an inconvenient process.
So, what is two-factor authentication? And should your business start using it? Read on and we’ll explain.
As the name suggests, two-factor authentication adds a second layer of protection to your online accounts.
To sign in, you need something you know and something you have.
Using a cashpoint is a form of two-factor authentication. Withdrawing money requires a debit card (something you have) and a PIN (something you know).
Online, two-factor authentication most often combines a standard password with a single-use code that’s sent to your mobile phone. This means signing in becomes slightly more complex.
First, you need to enter your password correctly. After a moment, a code arrives on your mobile phone. To gain access, you have to enter that, too.
This kind of two-factor authentication is available with common online services, including Google, Yahoo, Microsoft and Apple accounts. It makes things more secure because a hacker can’t break in with only your password.
Two-factor authentication comes in many different forms. For instance:
As a general rule, it’s wise to use two-factor authentication with any online or remote services used to store sensitive business data. These might include:
Where an online service offers two-factor authentication, it’s usually relatively easy to activate it.
Unfortunately, not all online services currently provide two-factor authentication. But when it’s available, it’s best to use it.
There’s also an argument that two-factor authentication should be a consideration when evaluating new online services.
For example, it’s probably unwise to adopt a cloud backup tool that allows access to files via a simple password.
It can be trickier to implement two-factor authentication with your in-house services. You’ll probably need to work with your IT supplier to identify and implement the best two-factor mechanism.
Because two-factor authentication adds an extra step to the sign-in process, you need to make sure it doesn’t get in the way when your employees are trying to get things done.
Some two-factor services let you strike a compromise between security and accessibility. For instance, you could set up your email so that two-factor authentication is required only every 30 days, or when an employee signs in from a new device.
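The 30-day and new-device compromise described above, as an added example (not code from any service this article names): after a full two-factor sign-in the server gives the browser a signed "remembered device" token, and asks for the code again whenever that token is missing, invalid, issued to someone else, or 30 days old. The key, function names and token layout are assumptions made for illustration.

```python
import hashlib
import hmac
import re
import secrets
import time
from typing import Optional

# Constructed demo key (assumption); a real service loads this from a secret store.
SERVER_KEY = b"demo-key-not-for-production"
REMEMBER_SECONDS = 30 * 24 * 3600  # the 30-day window from the text

# Token layout (assumption): <device id>.<issued-at>.<HMAC-SHA256 hex>
TOKEN_RE = re.compile(r"([0-9a-f]{32})\.([0-9]{1,12})\.([0-9a-f]{64})")


def _sign(user: str, device_id: str, issued_at: int) -> str:
    # Binding the user name into the MAC stops one user's token working for another.
    msg = f"{user}|{device_id}|{issued_at}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_device_token(user: str, now: Optional[int] = None) -> str:
    """Call only after password AND code were both verified on this device."""
    issued_at = int(time.time()) if now is None else now
    device_id = secrets.token_hex(16)  # random id, also usable for revocation
    return f"{device_id}.{issued_at}.{_sign(user, device_id, issued_at)}"


def second_factor_required(user: str, token: Optional[str],
                           now: Optional[int] = None) -> bool:
    """True unless the token proves a two-factor sign-in by this user in the last 30 days."""
    now = int(time.time()) if now is None else now
    match = TOKEN_RE.fullmatch(token or "")
    if match is None:
        return True  # new device, or a malformed token: ask for the code
    device_id, issued_at, sig = match.group(1), int(match.group(2)), match.group(3)
    if not hmac.compare_digest(sig, _sign(user, device_id, issued_at)):
        return True  # forged, tampered with, or issued to a different user
    age = now - issued_at
    return not (0 <= age < REMEMBER_SECONDS)  # future-dated or expired
```

Every failure path falls back to asking for the second factor, so a damaged or stolen-and-edited token can only make sign-in stricter, never looser.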
However, the biggest issue with two-factor authentication is ensuring you always have access to the thing you need to sign in. Text messages are generally reliable, but what do you do if your phone battery goes flat or your mobile network goes down?
A good rule is to have two backup options in case something goes wrong. Often, you can print out a set of one-time codes to keep safe for use in an emergency.
For instance, if you use two-factor authentication with your Apple account, you can print out a code to reset your account as a last resort.
To be extra sure of maintaining access to your data, have another alternative way to access your account settings too. Perhaps you can set up a specific computer in your office, or simply grant access to your IT supplier.
Two-factor authentication is an extremely effective way to protect your data from hackers. It’s advisable to use it wherever possible. Just make sure you don’t risk leaving yourself locked out either.