K2E Canada Inc
  • Home
  • TRAINING
    • WEBINARS
    • ROAD TO EXCELLENCE ONLINE SEMINAR
    • SEMINARS
    • TECHNOLOGY CONFERENCE
    • INSTRUCTORS
  • NEWSLETTER
    • Signup
  • ABOUT
  • CONTACT
  • BLOG
  • Home
  • TRAINING
    • WEBINARS
    • ROAD TO EXCELLENCE ONLINE SEMINAR
    • SEMINARS
    • TECHNOLOGY CONFERENCE
    • INSTRUCTORS
  • NEWSLETTER
    • Signup
  • ABOUT
  • CONTACT
  • BLOG

Multi-Factor Authentication – A Necessity in Today’s World

8/1/2020

 
From the perspective of data security, today’s world is an extremely dangerous one. It is hard to go a single day without hearing about yet another data breach, a phishing incident, or some other form of security nightmare. Yet, virtually all of us have a simple and highly effective security option available in the form of Multi-Factor Authentication (MFA). In this article, we explore MFA and how and why you should implement it to improve the security of your data and reduce the likelihood that you will become yet another victim.

What is Multi-Factor Authentication?

MFA is a security protocol that requires you to log-in (authenticate) to a website or application by using more than just your username and password. With MFA in place, you authenticate to a website or other application by using at least two of three of the following characteristics.

  1. Something you know, such as a username/password combination.
  2. Personal characteristics,  such as a fingerprint, retina scan, or facial recognition.
  3. An item that you have in your physical possession, such as a key fob or a smartphone.

A common form of MFA in use today begins by entering a username/password combination to log-in to a website. Upon doing so, the user receives a numeric code on their smart phone and, in turn, they also enter that code into the website to complete the process of authenticating to the website. The advantage to MFA in this scenario is that someone attempting to “hack” their way into the user’s website would not only need to know the username/password combination, but they would also need to have the user’s smartphone in their physical possession in order to receive the text message to complete the authentication process. And, while this is not an impossible scenario, it is a far less likely one than the hacker knowing the user’s username and password combination. As a result, the risk of the hacker accessing the user’s account is diminished significantly.

Which Apps and Services Offer Multi-Factor Authentication?

Maybe a better question is which ones don’t, because virtually all websites and applications that provide access to sensitive data today offer some form of MFA. For example, most banking and other financial websites support MFA as a means of making it more difficult for a hacker to gain unauthorized access to an account. Similarly, many accounting applications – both Cloud-based and desktop/server-based – also offer MFA as a means of providing advanced security for the data stored in the database. Many mobile apps also offer MFA as a means enhancing security. Even Windows 10 offers MFA as a security option through its “Windows Hello” feature. With this tool, users can log-in using traditional username/password combinations, PIN codes, fingerprint scans, or facial recognition – or some combination of each of these factors. Further, Windows 10 allows users to “pair” their Bluetooth-enabled smartphones to their computers so that if the smartphone is out-of-range of the PC, the PC automatically enters “locked” status; this particular feature is known as “Device Lock.”

How Do I Activate Multi-Factor Authentication?

Of course, the process for enabling MFA will depend upon the application or service in question. However, in general, it will be necessary for a user with “administrative” rights or privileges to activate MFA for an application or service in use by a business. For example, an Office 365 Administrative user can enable MFA for a single Office 365 user or for all users in an organization. On the other hand, an individual user can enable MFA on their banking website (assuming this feature is offered by their bank) by modifying their settings on the site. Notably, virtually all websites, applications, and services through which sensitive information can be accessed offer some form of MFA today. 

What Should I do if Multi-Factor Authentication is Not Available?

If a website, service, or application that you use does not offer MFA, you should contact the publisher to ensure that MF is, indeed, not available. If it is not and you are committed to continue using that website, service, or application, then you should ensure that you adhere to the principles of strong passwords, which include the following:

  • Passwords should be at least twelve alphanumeric characters in length.
  • You should never write your passwords down.
  • Never share your passwords with anyone.
  • Change you passwords  immediately if you suspect that they may have been compromised.
  • You should use a separate password for each website, service, or application you access.

From a practical perspective, most individuals simply cannot comply with the guidelines outlined above and, to that end, password management tools such as Roboform, LastPass, KeePass, Dashlane, and Zoho should be used to help manage passwords. (You can access CNET’s best password managers for 2019 by clicking here.) Remember, if the websites, applications, and services you use do not support MFA, the security of your sensitive data will be almost solely determined by the strength and security of your passwords…this is not a time to be lax with your passwords!

Summary

Data security is a top-of-mind concern for all business professionals today. Yet, all too often these same professionals do not take advantage of the tools that are available to them – such as Multi-Factor Authentication – that can strengthen the security of this data. To the extent that you have access to MFA, ensure that you activate this feature everywhere so that you will reduce the chances that you become yet another victim of a data breach. Remember, cyber criminals are always looking for the past of least resistance; enabling MFA will make that path more difficult, if not impossible, for them to travel in order to steal your data.

Tommy Stephens


Comments are closed.

    Categories

    All
    2022
    Accountant
    Accounting Software
    Accounting Solutions
    Adobe
    Advisory
    AI
    Artificial Intelligence
    Automation
    Backup
    Bitcoin
    Blockchain
    Business Automation
    Business Continuity
    Business Intelligence
    Business Management
    Cloud Computing
    Collaborate
    Collaboration
    Colonial
    Computer
    COVID 19
    COVID-19
    CPA
    CRM
    Cryptocurrency
    Customer Relationship Management
    Cybersecurity
    Cyptocurrencies
    Dext
    Doc.It
    Ecommerce
    Emerging Technologies
    Entrepreneurs
    Excel
    Forecasting
    Forecast Sheet
    Google
    Grammarly
    HR
    Internal Controls
    Internal Priorities
    KPIs
    LET
    Links
    Management Reports
    Microsoft 365
    Microsoft Office 2021
    Microsoft Teams
    Office
    Office 365
    Online Shop
    Outsourcing
    Pandemic
    Paperless
    Personal Computer
    PivotTables
    Power Automate
    Power BI
    PowerPoint
    Productivity
    QuickBooks
    Quickbooks Online
    Ransomware
    Receipt Bank
    Remote Work
    RPA
    Sage 50
    Security
    Small Business
    Small Business Accounting
    Small Business Accounting Software
    Stockhistory
    Technologies
    Technology
    Tech Update
    Windows
    Windows 10
    Windows 11
    Word
    Work At Home
    Workflow
    Work From Home
    Xcm
    Zoho
    Zoho CRM

    Authors


    Ward Blatch
    Ward provides consulting and training services as the Managing Director of K2E Canada Inc. He joined K2E Canada in 2005 and is responsible for the Canadian operations of this international consulting group, which provides professional development technology education for accountants across Canada and the US. Ward lives in rural Nova Scotia and can be reached at ward@k2e.ca.

    Tommy Stephens
    Tommy is one of the shareholders in K2 Enterprises, affiliating with the Firm in 2003 and joining as a shareholder in 2017. At K2, Tommy focuses on creating and delivering content and is responsible for many of the Firm's management and marketing functions. Tommy resides in the metro Atlanta area. You may reach him at tommy@k2e.com.

    Randy Johnson
    Randy is a nationally recognized educator, consultant, and writer with over 40 years experience in Strategic Technology Planning, Accounting Software Selection, Paperless, Systems and Network Integration, Business Continuity and Disaster Recovery Planning, Business Development and Management, Process Engineering and outsourced managed services. Randy can be reached at randy@k2e.com


    Bernie Smith
    Bernie coaches businesses to develop meaningful KPIs and present their management information in the clearest possible way to support good decision making. As the owner of Made to Measure KPIs, he has worked with major organisations including HSBC, Airbus, UBS, Barclays, Credit Suisse, Lloyds and many more.

    RSS Feed

Training & Education

Webinars
Road to Excellence Online Seminar
Seminars
Conferences
Instructors

Tech News

K2E Canada's Tech Update Newsletter

More

Privacy Policy
About
Contact

K2E Canada Inc.  |  484 Scarlett Crescent  |  Burlington, ON L7L 5M2  |  (902) 200-9207
© 2022 K2E Canada Inc. ALL RIGHTS RESERVED.