Multi Factor Authentication

27/02/2019

Unfortunately, identity theft and unauthorised access to online data has become one of the biggest threats to individuals and businesses in today’s digital world. New data breach laws bring with it mandatory disclosure policies that businesses must adhere to meaning it is now more important than ever that business owners take appropriate steps to reduce the risk of unauthorised access to data. Additionally, as our digital world has become more complex, the concept of a single password being sufficient protection from bad actors is outdated and you should be doing more to ensure your data is safe.

While data security is a huge issue that is well beyond the scope of this article, one relatively simple measure that many businesses are implementing is multi factor authentication or MFA. MFA is essentially adding a second security check before data can be accessed, rather than just relying on the traditional single password entry. While MFA can take many forms, two of the most common approaches involve data that can only be accessed from the authorised person’s smartphone, thereby requiring physical possession of the device when logging in to secure areas.

MFA via smartphones typically involves sending a text with a security code, or requiring a rolling random code generated on the smartphone using an authenticator app from the likes of Google or Microsoft. These codes must then be entered, along with the typical password, before the network, email or other data can be accessed, thereby introducing a second factor of authentication for access. Both of these approaches essentially come at next to no cost , and put a significant barrier in place to prevent data being hacked.

As a first step, for individuals looking to bring on another level of security, we would recommend introducing Multi-factor Authentication for those things needing the most security – online banking and email logins. Businesses will likely need a slightly more advanced approach and you should consider implementing Multi-factor Authentication for all network access, especially when accessing from a remote location is a great start to better securing your information.

In addition to implementing MFA, we would strongly encourage businesses to review their internal processes for protecting the data of their clients and customers, and consider seeking third party, professional advice, allowing you to better understand the potential exposure that your business may have.

If you’d like support knowing what options are available for business data security, please contact your adviser.

 

Ryan Muntz, Innovation Specialist