Passwords are meant to protect your valuable business information from hackers, but unfortunately you can no longer rely on passwords alone!
The Trouble with Passwords
In fact, most security professionals view passwords as the weakest link in the security chain, for a couple of reasons. For starters, we often choose weak passwords.
Guess what the most popular password was in 2018?
123456. Yeah, not great!
We also tend to share them with colleagues, write them down on yellow sticky notes, use the same password for multiple applications, and neglect to change them (unless forced to by automated reminders.)
In fairness, most employees do their best to adhere to company password security guidelines, but they’re still human – which means they make mistakes.
Spear Phishing Emails are Your Worst Enemy
Even when we do follow password best practices, we’re still at risk.
That's because hackers have become super sophisticated at stealing user credentials, primarily through a tactic called spear phishing.
Spear phishing is a common type of cyber attack in which the bad guys craft detailed, targeted email messages to a specific recipient or group. The goal is to convince users to click on a malicious link or attachment and fool them into providing sensitive information such as passwords.
These emails are getting harder to detect, and are often disguised as pay raise notifications, employee satisfaction surveys, rewards programs and other legitimate looking requests.
Worse, at first glance they will appear to be from a colleague, a boss, or a partner, making it hard for busy employees to catch that its actually a phishing email.
Stop Hackers in their Tracks with 2FA
Stolen user credentials are one of the top causes of security breaches, and as mentioned, they’re primarily retrieved through phishing emails. Once an unsuspecting user clicks on phishing link, the hacker is now able to gain access to the organization and deliver the malicious payload which is frequently ransomware.
2FA is simple to use, extremely cost effective (think a couple of bucks per user) and yet surprisingly, the majority of small to mid-sized organizations still don’t use it!
How Does Two Factor Authentication Work?
Two factor authentication makes sure that only verified users can access online applications by requiring an extra layer of security, e.g. not only a password, but an additional "factor" which is typically something the user has on them, such as a smartphone.
As an example, after a user enters their name and password to access an online business app, they’ll be sent a push notification to their smartphone. One tap verifies that the user has the registered device in their possession, and immediate access is granted.
2FA can protect a wide range of applications, from your VPN, to Remote Desktop Services, to Microsoft Office 365, Salesforce, and more. Quick to implement and easy to use, there really is no good reason to delay taking advantage of such cost-effective protection for your business.
Get More Information on Two Factor Authentication
Please note that "2FA" and "MFA" are often used interchangeably. For the purposes of this article, we have used the more familiar term 2FA, although Ntiva offers a solution that effectively encompasses both.
If you would like to learn more about the Ntiva managed service offer for 2FA/MFA, download the data sheet below which will give you all the details on how we can help protect your organization!