BOOK AN APPOINTMENT WITH AN IT SPECIALIST TODAY

What You Need to Know About Two Factor Authentication

Everything You Should Know About Two Factor Authentication

Does your business use 2FA? With the prevalence of data breaches today, it’s time to start employing this simple security feature within your business.  


Without a doubt, you’ve read and heard about the rampant cybersecurity problems that are insidiously plaguing businesses today. Municipalities in places like Florida, South Carolina, and elsewhere are having access to their systems denied unless they pay hundreds of thousands of dollars. Businesses of all sizes and in all industries are being shut out of their data until they do the same.

As a business owner or manager yourself, you are probably concerned about whether your organization will fall victim to the same fate. What can you do to prevent a cybersecurity attack?

You may be surprised to know that the fate of your business’s security probably lies within a straightforward thing that you and all of your coworkers and employees use every day: passwords.

The fact of the matter is that most people in your business are putting your data and systems at risk every day with the weak login credentials they use. That is, many people use the same password for all of their accounts — both personal and business related. Furthermore, many people use passwords that are way too simple and easy to guess by hackers — the name of the street that they live on, the name of their pet, their date of birth, or their anniversary date.

It’s hard to stop people from doing this because most employees don’t think that their password really matters. They assume that it will never be guessed by anyone (how could it be?), and as long as they don’t share it with anyone, it’s good enough to keep would-be cybercriminals at bay.

Unfortunately, this is not the case.

The only way to indeed keep hackers from guessing passwords or using high-tech trial and error algorithms to uncover passwords is to use two-factor authentication, also known as 2FA.

What Is 2FA?

2FA or two-factor authentication is a security system that forces users to have two proofs of identity before they can log in to a database, program, computer, or network. This is a system that you should be using at home and within your business.

As the name implies, there are two elements of two-factor authentication. First, the user must provide something they know. This could be a password or passcode, a pin number, or the answer to a secret question.

Next, the user must provide proof of something they have. For example, the two-factor authentication prompt may ask that the individual put in their credit card number (because their credit card number is something they possess). Likewise, some organizations will give each individual employee a security token that actually stays in their possession. This might be an RSA security device, a Google Authenticator, or something else. This device will be activated when prompted during login and will provide a passcode or pin that changes frequently. Another option is biometric authentication, such as an iris scan, voiceprint, or fingerprint.

Has Your IT Services Company Spoken to You About 2FA?

As the owner or manager of your business, it shouldn’t be your responsibility to ensure the security of your sensitive data and network systems. This responsibility falls on the shoulders of your IT services company, and within their security division, one of the pillars of a robust cybersecurity strategy should be two-factor authentication.

If your IT services company has not spoken to you about employing a two-factor authentication system, don’t wait to ask them about it. The foundational necessity of this simple security measure suggests that if they haven’t already employed it, they’re probably not doing their job in other ways.

In that case, it’s time to find a new managed services provider. Give us a call, send us an email, or visit our website today to learn how we can help.

Two Factor Authentication

More Like This

AA22-223A: #StopRansomware: Zeppelin Ransomware

Original release date: August 11, 2022 Summary Actions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce multifactor authentication. Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for …

AA22-223A: #StopRansomware: Zeppelin Ransomware Read More »

Read More

AA22-216A: 2021 Top Malware Strains

Original release date: August 4, 2022 Summary Immediate Actions You Can Take Now to Protect Against Malware: • Patch all systems and prioritize patching known exploited vulnerabilities. • Enforce multifactor authentication (MFA). • Secure Remote Desktop Protocol (RDP) and other risky services. • Make offline backups of your data. • Provide end-user awareness and training …

AA22-216A: 2021 Top Malware Strains Read More »

Read More

Small Business Guide To Microsoft Azure Virtual Desktop

Small Business Guide To Microsoft Azure Virtual Desktop The business world is becoming increasingly digital. Since the COVID-19 pandemic began, many companies have moved into work-from-home situations, which has made remote and hybrid working environments more desirable and commonplace for workers across the country. The modern workforce is more flexible and mobile than ever, and …

Small Business Guide To Microsoft Azure Virtual Desktop Read More »

Read More

AA22-187A: North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector

Original release date: July 6, 2022 Summary The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of the Treasury (Treasury) are releasing this joint Cybersecurity Advisory (CSA) to provide information on Maui ransomware, which has been used by North Korean state-sponsored cyber actors since at least May 2021 to …

AA22-187A: North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector Read More »

Read More

AA22-181A: #StopRansomware: MedusaLocker

Original release date: June 30, 2022 Summary Actions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce multifactor authentication. Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for …

AA22-181A: #StopRansomware: MedusaLocker Read More »

Read More

AA22-174A: Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems

Original release date: June 23, 2022 Summary Actions to take today: • Install fixed builds, updating all affected VMware Horizon and UAG systems to the latest versions. If updates or workarounds were not promptly applied following VMware’s release of updates for Log4Shell in December 2021, treat all affected VMware systems as compromised. • Minimize the …

AA22-174A: Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems Read More »

Read More