I’m back at sharing tech tips around bolstering your IT security. Exciting, right? For those already considering the delete key, please don’t! I promise I’ll make this an easy read.
This week we’ll define MFA (also known as 2FA), go over its benefits, and finish with some tips on how best to set it up. I’ll break up each of these three sections so you can skip over a part if you are familiar with it.
Definition: MFA is an acronym for multi-factor authentication. Another commonly used term is 2FA, which is an acronym for two-factor authentication. MFA & 2FA describe any technology (hardware & software) that helps further certify your identity when you are logging into websites or devices.
Benefits of MFA are so widely recognized that it is required by most financial institutions and secure websites (for example, when the website texts you a code to enter as part of logging in). Passwords are rarely changed by users and are easy to hack, so MFA adds one or more additional layers of verification into the mix. Most commonly, MFA works by requiring you to enter a 6-digit code that is updated every 30 seconds. This makes it much more difficult for someone to hack your accounts. Close to half of all breaches happen because of leaked passwords, so enabling MFA can eliminate quite a bit of risk.
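For the technically curious, here is how those 6-digit, 30-second codes are usually computed and checked. This is an added example, not code from this newsletter or from any vendor mentioned here; it assumes the standard TOTP scheme (RFC 6238 with HMAC-SHA1), and the function names and the sample secret (the published RFC test key) are illustrative.

```python
import base64
import hashlib
import hmac
import struct

# Constructed sample secret: the published RFC 4226/6238 test key, base32-encoded
# the way authenticator apps store it. Never use it for a real account.
SECRET_B32 = base64.b32encode(b"12345678901234567890").decode()

def code_for_counter(secret_b32, counter, digits=6):
    """HOTP (RFC 4226): HMAC the counter, then truncate to a short decimal code."""
    key = base64.b32decode(secret_b32, casefold=True)
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # low nibble of the last byte picks a 4-byte window
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def totp(secret_b32, unix_time, step=30):
    """TOTP (RFC 6238): the counter is the number of 30-second steps since 1970."""
    return code_for_counter(secret_b32, int(unix_time) // step)

def verify(secret_b32, submitted, unix_time, step=30, drift_steps=1):
    """Server-side check: accept the current step plus/minus drift_steps for clock skew."""
    current = int(unix_time) // step
    ok = False
    for counter in range(max(0, current - drift_steps), current + drift_steps + 1):
        # compare_digest avoids leaking how many digits matched through timing
        ok |= hmac.compare_digest(code_for_counter(secret_b32, counter), submitted)
    return ok

if __name__ == "__main__":
    import time
    now = time.time()
    print("current code:", totp(SECRET_B32, now))
    print("accepted now:", verify(SECRET_B32, totp(SECRET_B32, now), now))
    print("same code two minutes later:", verify(SECRET_B32, totp(SECRET_B32, now), now + 120))
```

Because the code depends on both a shared secret and the current time step, a leaked password alone is not enough to log in, and a code that was seen or intercepted stops working once it falls outside the small drift window.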
Setting up MFA has become much easier since it has wide support across the board. Even though we suggest enabling it everywhere possible, the first step is to identify the most critical places. Banks, credit cards, and online payment services like Venmo & PayPal lead the list here. If possible, anywhere your financial information is stored should be set up with MFA. Second on the list would be business-critical services such as your email accounts and online apps & services that contain important or sensitive information. Third would be anything else that supports MFA. The option to enable MFA (when supported) is usually found under the security settings or your account profile on any given site. In addition, apps that generate MFA codes come in super handy. You can read more on that in the next section.
E-mail MFA requires a paragraph of its own here because of how often we see damage caused by email breaches. Securing your email accounts with MFA is a must! The first thing to remember is that various devices (such as your smartphone), apps (such as Outlook), and services connect to your email account. Make a list of these connections before you get started. Enabling MFA can break these connections, so you must be prepared.
First, identify devices / services that do not support MFA; for these, you can create an app password. Here is how to do that for Microsoft and Google. When enabling MFA, you can use an app that generates the codes, such as Authy or a password manager. My preference is using a password manager since you can both securely store passwords and generate MFA codes in one place. Most password managers support this, but our favorite is a customized version of an app called Keeper. Feel free to reach out if you'd like to know more. Once all of that is done, it’s time to set up MFA directly on your email account. Here are the instructions for Microsoft and Google.
Better security should be prioritized within your company culture, and critical pieces such as MFA should be implemented company-wide. As always, with your partnership, my team and I would love to make your business more secure.
Truly yours,
– Burak Sarac, Team Lead