The simple “extra step” that can protect your identity and data
Ransomware — the extortion of money through cyber attacks that hold your data hostage — is big business. But you have access to a simple (and free) tool that shields you from this kind of attack with an extra layer of protection: two-factor authentication (2FA).
You may be most familiar with 2FA in the form of a setting on your mobile device, as we see in the picture to the right. And if you’re like most of your business peers, it might just seem like an annoying notification that could eventually lead you to an annoying extra login step.
But as luck would have it, you’re a step ahead of your peers. You’re aware of the incredible cost of ransomware, and you have an accurate belief that you are probably a target right now. So you’re going to set up 2FA right after reading this article (if you haven’t already, you savvy, modern technology user).
How multi-factor authentication works
Just in case you’re not quite convinced yet, here’s what you need to know about 2FA or MFA (multi-factor authentication). Most account logins ask you for single-factor authentication in the form of “knowledge factors” (i.e. your username and password).
Though we absolutely advocate the use of smart passwords and password managers to help protect you from stolen credentials, imagine the layering effect of a great password and a second (or third) authentication test.
A password or pin would be the most common example of a knowledge factor, but there are two additional categories of authentication: “Inherence factors” and “possession factors.”
Inherence factors are generally biometric trademarks like facial recognition (which may not always be a great option), and fingerprint or iris scans. As in so many 007 movies, voice recognition can also be an inherence factor. Possession factors prove to your login police that you are who you say you are because of what you possess, like a mobile phone number you registered with when you created the account. When you receive a text code and type it in for some of your logins, that’s a possession factor. Others include smart cards like the CAC, and security tokens.
It’s worth the slight hassle — we promise
While most usernames and passwords can be uncovered quickly by a malicious algorithm, 2FA or MFA provide a significant increase in security for your personal and business data. We encourage business owners in particular to adopt 2FA across the board, as they can’t necessarily control how cautious employees are with their passwords and login habits.
If you’ve been ignoring 2FA recommendations from your many accounts because you don’t want another login step to slow you down, here’s the bottom line: With the current state of cybercrime, it’s time to bite the bullet.
The minor inconvenience of an authentication step pales in comparison to the downtime your business would experience after a cyberattack. And pretty soon you’ll stop noticing the extra steps at all.
Know your weaknesses and grow your strengths
Varay is here to help you transition into greater cybersecurity, without tech jargon or hassle.
2FA is a fantastic first step toward a more secure business, but we’d love to help you take you to the next level of business safety. Schedule your (free) security assessment to identify your top areas of vulnerability and strength.