Why Two-factor Authentication is Important For your Company’s IT Security
An increasing focus by governments and a number of high-profile data breaches are driving Australian businesses of every size are looking to find ways they can better secure their IT infrastructure. With good reason – between the loss of public good will, fines from regulatory bodies and stolen or compromised intellectual property, a data breach can cost a company hundreds of thousands or even millions of dollars.
So what can a business do to keep itself secure? There’s no silver bullet solution – after all, they say the only totally secure computer is one that’s switched off – but there are moves you can make and changes you can roll out that will make a significant difference to your organisation’s security. Key amongst them is mandating two-factor authentication (2FA). In this blog, we look at what 2FA is, why it’s useful and how you can implement it.
More than just a second lock on the door
2FA is a way of authenticating a user based on two pieces of evidence proving they are who they say they are. It contrasts with a typical website log-on that only requires a password – being a single piece of evidence. This second piece of evidence can take a number of forms: from something the customer knows such as a secret question they have to provide an answer to; to something they possess like a token, key or access code from a mobile phone; to something inherent to who they are like their biometrics.
The strength of 2FA comes from the requirement for both of these to be presented simultaneously. Independently, an SMS sent to a mobile phone or a keycard aren’t the most secure things in the world, but the requirement to have that and a password significantly reduces the chance of unauthorised access.
Passwords are weak
2FA has become a mandatory part of the security regime of even small businesses because of the growing realisation that passwords alone are a weak way of securing access to a system. Not only are passwords increasingly susceptible to brute forcing as hardware and specialised software grow in power and sophistication, they’re not very user-friendly. Passwords are generally either easy to remember and easy to break, or hard to remember and hard to break, making it difficult to strike a balance. 2FA solves this, allowing greater choice in password use while still protecting access through an alternative channel.
2FA can be implemented flexibly
Businesses are increasingly looking to 2FA because there are an exploding number of ways to implement it. From basic methods like sending a verification code via SMS to a user’s mobile phone to more elaborate biometric methods involving fingerprint reading and speech recognition, there are many options to suit businesses of every size and budget.
If you’re looking for guidance on making your business more secure – including implementing 2FA – speak to our team. Start a conversation with our staff today and learn how you could build a more security-focused organisation without compromising on your productivity or agility.