In our previous blog, we touched upon a few security layers that can be inexpensively and easily implemented into a small business providing addition protection outside of just endpoint protection. Another easily-implemented protection layer is Two-Factor-Authentication (2FA). Here’s a quick overview, and insight into how it can help protect your small business.
What is 2FA?
Two-Factor-Authentication adds additional security to the traditional username/password combination, by requiring an additional authentication component. There are three available components, of which a minimum of two should be required:
- Something you know
- Typically a username/password combination
- Something you have
- For example a token or cell phone.
- Something you are
- Retina scan or fingerprint scan, for example.
One of the most classic examples is your bank card, which typically requires a card (something you have), and a PIN (something you know).
Why Is 2FA Important?
Traditionally we’re used to logging into a system or application via a username and password combination. The issue here is the username and password can often be guessed, or figured out via brute force methods (computer programs which continuously try passwords until it finds one that works). By adding a 2nd authentication factor, it makes it much more difficult for someone with bad intentions to gain access to your account. This is especially imperative for sensitive accounts such as VPN accounts, email accounts, bank accounts, bookkeeping accounts, etc, etc. By not using multi-factor, you’re increasing the risk of breach and data loss.
Phishing attempts are also on the rise. Attackers use fraudulent emails appearing to be from reputable companies/businesses, in order to get users to enter their credentials which are in turn sent back to the attacker. 2FA helps to prevent such acts by requiring a second source of authentication that an attacker will not have. So if your username and password do get compromised, it is difficult for the attacker to actually use those credentials to compromise your account.
Two-Factor-Authentication is also required by some compliance standards, including PCI (for those accepting credit cards). It is also highly recommended under HIPAA.
Where Should I Use 2FA?
Wherever you can. Many applications have 2FA built-in, and those that don’t can be protected via third party applications. It sounds like a broken record, but when it comes to security, the more layers the better.
But It’s So Inconvenient…
The biggest downfall of 2FA is it increases the amount of time it takes to login to an application, which can be especially cumbersome for those who are logging in and out of applications frequently. The best advice is to just get used to it, as it’s a small price to pay for the additional protection it provides.
How Do I Implement It?
TwoFactorAuth.org has a great list of sites/applications which support 2FA, including links to HowTo’s on how to enable.
Don’t know where to start? Contact us at 919-391-9449 for a free consultation.
How Can I Get More Information About 919 IT Solutions, And The Services You Provide?
919 IT Solutions is a Managed IT Service Provider based in the Triangle region of North Carolina. We serve the towns/cities of Raleigh, Durham, Cary, Morrisville, Chapel Hill, Apex, Holly Springs, and surrounding areas. Please visit our website at www.919solutions.com for more information, or to get in touch.
We have over 20 years of enterprise IT experience in the system administration and DevOps fields. What does this mean? This means we don’t just know how to fix computers, but are capable of designing and architecting systems and solutions with your business’s needs in mind. We take security seriously, which is imperative in today’s digital age.
Contact us at any time – you don’t need to worry about high-pressure sales tactics here, we’re here to listen to you and find out what your current IT pain points are. Based on that, we can recommend a variety of services to fit your needs.