What is Multi-factor Authentication and Should Your Business Be Implementing It?

With security being high up the list of things a business needs to keep an eye on, two-factor and multi-factor authentication (aka 2FA and MFA to techies) has come into the light as another level of security augmenting passwords. 

This method is set up in a way that when a login for specific credentials is needed, the user is then prompted to use an alternative method to confirm that this is in fact the correct individual attempting to access this information. In most case, a passcode or password is sent to the user via a text message or email and is then asked to be input into the original source for confirmation.  

A good example, when creating a Gmail account, you have the option of setting up a 2FA. Therefore, when you are logging in to your Gmail online email account with 2FA enabled, you have to confirm that it is you not a hacker accessing your email account. Gmail will send you a code via a text message to your phone or call you to confirm that you are the real owner. If you so choose, it gives alternative options such as sending the code via text or calling the number in the Gmail account to provide this information. Once the code is implemented, you are then granted access to your account. This extra layer of security makes it more difficult for hackers to get into your email, keeping your data safe from prying eyes. 

PRO-TIP: Most companies that offer MFA have a setup guide, found usually in their settings under “Security”, that can be used to assist with execution of MFA. These instructions will guide you through the process, seamlessly. You will also be advised of what to expect when you are prompted prompted for 2FA.  

Another good reason to have multifactor authentication is due to the many website breaches that have come about lately. With MFA set up, you run less of a risk of your account being easily accessible as there are more layers of protection to combat hackers trying to steal your information. With this said, a growing number of websites have taken to MFA as of late, most being banks and other financial institutions, cloud-based software and accounts such as Office 365, health records and apps provided by medical facilities and the list goes on. Smart phone manufacturers have even gotten in on the craze, with the likes of Apple using their FACE ID as a way of confirming your identity into these sites (this works by the password initially being input and FACE ID being used going forward to confirm your identity). 

So, should multi-factor authentication be used in a business setting? Absolutely! With several of our clients (as an example) going to Office 365 for their business needs, they crave the flexibility to take their office with them, while maintaining the upmost security. By using this method, they are allowing themselves that option while also keeping their confidential work and documents safe by taking the extra step of confirming their accounts on the go. Is it inconvenient at times? Yes, but think of all the worst-case scenarios that can occur from having your private info out for the world to see.

Posted in IT Blog