A lot of us already know that the weakest link in any IT deployment are the people who use it. And that’s not just the angry cynicism of a systems administrator who’s spent his 4th sleepless night fixing a huge emergency, fueled by nothing but energy drinks, fast food, and despair (although they do tend to be a bit louder about it).
In fact, in the world of corporate espionage, phishing scams, ransomware, and so on, it’s people who are being targeted. “Social engineering” (or the use of deception to manipulate individuals into divulging confidential information) attacks are on the rise.
Between October 2013 and December 2016, the FBI recorded 40,203 separate instances where an employee’s credentials had been compromised, resulting in over five billion dollars in losses, and that doesn’t even include those business who chose not to divulge when they were targeted, or those who haven’t yet realized they’ve been compromised.
As attacks become more sophisticated, more widespread, there needs to be a way to implement some sort of checks and balances to prevent confidential information such as passwords, projects, and so on, from falling into the wrong hands.
Two-Factor Authentication (or 2FA) is one highly effective tool which you can leverage to protect your business by providing an extra layer of security to what are otherwise usually very simple username/password security arrangements.
The way it works is pretty simple: not only do you need a standard username and password, but you also need something that only the user could have on them (such as a physical token or personal cellphone).
These can be configured so that, for instance, if someone has successfully stolen your account credentials and tries to access them from an unrecognized device, your token or device would receive an alert and give you the opportunity to approve or deny access to your account (so if, for example, someone’s trying to log in from the Netherlands and you’ve never been there, you can be pretty sure you just stopped a data breach).
Broadview’s 2FA offerings are affordable, super-lightweight, and extremely easy to use. Whether your IT department wants to administer 2FA internally to your users, or you’d like for us to handle it in part of a managed services agreement (or stand-alone), we can help you secure your business and protect your users.