News reports of data breaches have become commonplace, including the theft of passwords and other sensitive data. One must wonder if anything is private anymore.
A method that is growing in its use, to help protect your on-line credentials, is called Multi-factor Authentication (MFA). This is a security system that requires a least one additional level of authentication beyond just your username and password, in order to gain access to a website or on-line application. One common method of MFA requires that you type in a one-time special code number, which is texted to your cell phone after entering in your username and password. Another method also requires a one-time special code, but it is sent to your phone via an authenticator app. Some sites give the option of the special code being delivered via voice message to a designated phone number.
If you’ve used a bank machine, you have already experience Multi-Factor Authentication, since accessing your account requires that you both know your PIN and are also in possession of your bank card. It requires something you know, and something you have.
Though the news headlines report only on well-known organizations being breached, don’t draw the conclusion that small businesses are being left alone. The fact is that small businesses are much easier targets and are being attacked in ever-increasing numbers. MFA presents another method of protecting yourself and your organization. Start by implementing MFA on your banking sites (business and personal), followed by on-line sites where you access confidential information, wherever MFA is an option.
Office 365 offers a Multi-Factor Authentication option, which we recommend be implemented sooner rather than later. Office 365 email breaches are escalating, so the day may not be far off where Microsoft will mandate that all users have MFA in place. An important point to note here is that setting up MFA for Office 365 is not a simple process. You may require the assistance of your IT support person, thereby incurring some cost for this initial setup. This cost will be negligible, however, compared to the cost of having your credentials stolen.
MFA adds an extra step, but not a difficult or very time-consuming one, especially considering the added security benefit. We recommend using this tool wherever possible.
Contact us if you would like to learn more about how to protect our organization against cyber security threats.