Data breaches affect everyone, from multinational companies like Target and government entities like the State of Minnesota to small businesses. Attacks keep happening in large part because they work.
The hacks themselves probably no longer shock you, but the simplicity of the solution may come as a pleasant surprise. Two-factor authentication is an easy layer of protection you can add to immediately improve your organization’s security posture.
It’s a step you must take because it is no longer a matter of if someone will try to hack you, but when. You need to assume that a data breach will happen to your company and take a proactive approach to prepare.
This quick guide will help you do that. It provides the information you need to know about two-factor authentication and how to set it up for your staff.
What is Two-Factor Authentication and How Does It Work?
Two-factor authentication, also called multifactor authentication or two-step verification, is a security feature that protects your organization by requiring a second, randomly generated password that is sent to, or generated on, a separate device.
Here’s how it works:
- When you log into a two-factor enabled application, you type in the normal password.
- A second mechanism kicks in and a code, text or prompt appears on a device that only you control.
- You input this information where prompted by the application to complete your login.
The device that generates the code can be a phone, tablet, hardware token or hardware key. Hardware tokens are about the size of a USB key. (See the picture in this blog post as an example. In the picture it’s even shaped like a key!) These tokens generate random numbers used as the second factor of authentication.
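How the code in the second step can be produced and checked, as an added example that is not part of the original article. It assumes the device is a time-based one-time password (TOTP, RFC 6238) token, which the article does not specify; `login`, `verify_code` and the account record are hypothetical names, and the secret is the RFC's published test value.

```python
import hashlib
import hmac
import struct

STEP = 30    # seconds each code stays valid (RFC 6238 default)
DIGITS = 6
# Constructed sample: the RFC 6238 test secret, not a real credential.
DEMO_SECRET = b"12345678901234567890"

def totp(secret: bytes, unix_time: int, digits: int = DIGITS) -> str:
    """Code the device shows at unix_time (assumption: TOTP with HMAC-SHA1)."""
    counter = struct.pack(">Q", unix_time // STEP)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def verify_code(secret, submitted, unix_time, last_used_step=-1, drift=1):
    """Return the matched time step, or None if the code is rejected.
    Allows +/- drift steps of clock skew; refuses a step already used."""
    now_step = unix_time // STEP
    for step in range(now_step - drift, now_step + drift + 1):
        if step <= last_used_step:
            continue  # replayed or older code
        if hmac.compare_digest(totp(secret, step * STEP), submitted):
            return step
    return None

def login(account, password_ok, submitted_code, unix_time):
    """Two-step login: the password first, then the code from the device."""
    if not password_ok:
        return False
    step = verify_code(account["secret"], submitted_code, unix_time, account["last_step"])
    if step is None:
        return False
    account["last_step"] = step  # a code cannot be used twice
    return True

if __name__ == "__main__":
    acct = {"secret": DEMO_SECRET, "last_step": -1}
    code = totp(DEMO_SECRET, 59)
    # First login succeeds; replaying the same code is refused.
    print(code, login(acct, True, code, 59), login(acct, True, code, 59))
```

The server and the device share the secret at enrollment, so a stolen password alone does not produce a valid code.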
Features and Benefits of Two-Factor Authentication
Two-step verification functions as a second password but with more control and security features than standard log-in credentials. Below are a few of the ways two-factor authentication will benefit your company.
Peace of Mind with Added Security
Once two-factor authentication is activated, it is enforced. Your team cannot bypass it. As a result, you won’t need to worry if someone on your staff accidentally clicks a phishing email. The extra layer of security prevents hackers who obtain credentials from logging in because they don’t have access to the second authentication factor.
People tend to think hackers only target governmental entities or large corporations. But cybercriminals are not picky and won’t restrict activities based on the size of an organization. This isn’t new. The Ponemon Institute’s 2017 State of Cybersecurity in Small- and Medium-sized Businesses report found that over half of the companies in the study had been successfully attacked in the previous year.
Once hackers have access to your business data, they look to make money by selling the information, mining your contact list for other opportunities or holding your business’s data for ransom.
Designated Levels of Access
Two-factor authentication operates in a way that lets you designate levels of access for your staff. It can be aligned with the type of access you want each role to have. For example, you can set it up so that anyone trying to access email from outside your building is instantly blocked unless they have two-factor authentication turned on and are in possession of the device that generates codes.
Prevents Your Business from Becoming a Headline
We may not be surprised by data breaches, but they still make the news, and they don’t inspire confidence in customers and potential clients. No business owner reads the article about the State of Minnesota breaches and wishes for that kind of attention.
Tip: If you receive pushback from your team about deploying two-step verification, bringing up data breaches in the news will make it easier for employees to understand why the new feature needs to be implemented for their protection as well as the company’s security.
How to Set Up Two-Factor Authentication
Here are the steps your business needs to take to set it up.
1. Identify the Apps to Protect
A cybercriminal can find a way to hack any internet-accessible application, like email. Because of this vulnerability, small business owners in non-regulated industries should add two-factor authentication to any application accessible via the internet.
2. Identify the People Who Need to Use Two-Factor Authentication
Unless you need to comply with regulations, it isn’t necessary to set up two-factor authentication for all your employees. We have clients who only add two-factor authentication for a few staff members. Focus only on the people who need to log into email and business applications from outside the office.
3. Choose a Deployment Option
Each member of your staff can choose to install an app on a device or receive a hardware key or token that generates codes. Depending on your two-factor authentication software, your employees may have other choices as well. The second factor can be a code sent by text message or a phone prompt asking, “Are you logging in?”
Two-factor authentication has joined anti-virus, anti-spam and firewalls as the baseline security measures all businesses need to take.