K2E Canada Inc
  • Home
  • TRAINING
    • WEBINARS
    • UPCOMING EVENTS
    • ROAD TO EXCELLENCE ONLINE SEMINAR
    • SEMINARS
    • CONFERENCES
    • INSTRUCTORS >
      • ALAN SALMON
  • NEWSLETTER
    • Signup
  • ABOUT
  • CONTACT
  • BLOG
  • Home
  • TRAINING
    • WEBINARS
    • UPCOMING EVENTS
    • ROAD TO EXCELLENCE ONLINE SEMINAR
    • SEMINARS
    • CONFERENCES
    • INSTRUCTORS >
      • ALAN SALMON
  • NEWSLETTER
    • Signup
  • ABOUT
  • CONTACT
  • BLOG

Multi-Factor Authentication – A Necessity in Today’s World

8/1/2020

0 Comments

 
From the perspective of data security, today’s world is an extremely dangerous one. It is hard to go a single day without hearing about yet another data breach, a phishing incident, or some other form of security nightmare. Yet, virtually all of us have a simple and highly effective security option available in the form of Multi-Factor Authentication (MFA). In this article, we explore MFA and how and why you should implement it to improve the security of your data and reduce the likelihood that you will become yet another victim.

What is Multi-Factor Authentication?

MFA is a security protocol that requires you to log-in (authenticate) to a website or application by using more than just your username and password. With MFA in place, you authenticate to a website or other application by using at least two of three of the following characteristics.

  1. Something you know, such as a username/password combination.
  2. Personal characteristics,  such as a fingerprint, retina scan, or facial recognition.
  3. An item that you have in your physical possession, such as a key fob or a smartphone.

A common form of MFA in use today begins by entering a username/password combination to log-in to a website. Upon doing so, the user receives a numeric code on their smart phone and, in turn, they also enter that code into the website to complete the process of authenticating to the website. The advantage to MFA in this scenario is that someone attempting to “hack” their way into the user’s website would not only need to know the username/password combination, but they would also need to have the user’s smartphone in their physical possession in order to receive the text message to complete the authentication process. And, while this is not an impossible scenario, it is a far less likely one than the hacker knowing the user’s username and password combination. As a result, the risk of the hacker accessing the user’s account is diminished significantly.

Which Apps and Services Offer Multi-Factor Authentication?

Maybe a better question is which ones don’t, because virtually all websites and applications that provide access to sensitive data today offer some form of MFA. For example, most banking and other financial websites support MFA as a means of making it more difficult for a hacker to gain unauthorized access to an account. Similarly, many accounting applications – both Cloud-based and desktop/server-based – also offer MFA as a means of providing advanced security for the data stored in the database. Many mobile apps also offer MFA as a means enhancing security. Even Windows 10 offers MFA as a security option through its “Windows Hello” feature. With this tool, users can log-in using traditional username/password combinations, PIN codes, fingerprint scans, or facial recognition – or some combination of each of these factors. Further, Windows 10 allows users to “pair” their Bluetooth-enabled smartphones to their computers so that if the smartphone is out-of-range of the PC, the PC automatically enters “locked” status; this particular feature is known as “Device Lock.”

How Do I Activate Multi-Factor Authentication?

Of course, the process for enabling MFA will depend upon the application or service in question. However, in general, it will be necessary for a user with “administrative” rights or privileges to activate MFA for an application or service in use by a business. For example, an Office 365 Administrative user can enable MFA for a single Office 365 user or for all users in an organization. On the other hand, an individual user can enable MFA on their banking website (assuming this feature is offered by their bank) by modifying their settings on the site. Notably, virtually all websites, applications, and services through which sensitive information can be accessed offer some form of MFA today. 

What Should I do if Multi-Factor Authentication is Not Available?

If a website, service, or application that you use does not offer MFA, you should contact the publisher to ensure that MF is, indeed, not available. If it is not and you are committed to continue using that website, service, or application, then you should ensure that you adhere to the principles of strong passwords, which include the following:

  • Passwords should be at least twelve alphanumeric characters in length.
  • You should never write your passwords down.
  • Never share your passwords with anyone.
  • Change you passwords  immediately if you suspect that they may have been compromised.
  • You should use a separate password for each website, service, or application you access.

From a practical perspective, most individuals simply cannot comply with the guidelines outlined above and, to that end, password management tools such as Roboform, LastPass, KeePass, Dashlane, and Zoho should be used to help manage passwords. (You can access CNET’s best password managers for 2019 by clicking here.) Remember, if the websites, applications, and services you use do not support MFA, the security of your sensitive data will be almost solely determined by the strength and security of your passwords…this is not a time to be lax with your passwords!

Summary

Data security is a top-of-mind concern for all business professionals today. Yet, all too often these same professionals do not take advantage of the tools that are available to them – such as Multi-Factor Authentication – that can strengthen the security of this data. To the extent that you have access to MFA, ensure that you activate this feature everywhere so that you will reduce the chances that you become yet another victim of a data breach. Remember, cyber criminals are always looking for the past of least resistance; enabling MFA will make that path more difficult, if not impossible, for them to travel in order to steal your data.

Tommy Stephens

0 Comments



Leave a Reply.

    Categories

    All
    Adobe
    Advisory
    AI
    Artificial Intelligence
    Automation
    Business Intelligence
    Cloud Computing
    Collaborate
    Collaboration
    COVID 19
    COVID-19
    CPA
    Cybersecurity
    Ecommerce
    Excel
    Google
    Grammarly
    Internal Priorities
    KPIs
    LET
    Microsoft 365
    Microsoft Teams
    Office
    Office 365
    Online Shop
    Outsourcing
    PivotTables
    Power BI
    PowerPoint
    Productivity
    Ransomware
    Security
    Small Business Accounting Software
    Technology
    Tech Update
    Windows
    Windows 10
    Word
    Work At Home

    Authors


    Ward Blatch
    Ward provides consulting and training services as the Managing Director of K2E Canada Inc. He joined K2E Canada in 2005 and is responsible for the Canadian operations of this international consulting group, which provides professional development technology education for accountants across Canada and the US. Ward lives in rural Nova Scotia and can be reached at ward@k2e.ca.

    Alan Salmon
    Alan Salmon is recognized as Canada’s leading analyst in the area of accounting technology. He has nearly 35 years of business, management systems, education and journalism experience, has a degree in Science and an Advanced Teaching Certificate from the University of Toronto. Alan has now retired from teaching and lives in Brampton, Ontario with his wife Nancy. He can be reached at alan@k2e.ca

    Tommy Stephens
    Tommy is one of the shareholders in K2 Enterprises, affiliating with the Firm in 2003 and joining as a shareholder in 2017. At K2, Tommy focuses on creating and delivering content and is responsible for many of the Firm's management and marketing functions. Tommy resides in the metro Atlanta area. You may reach him at tommy@k2e.com.

    Randy Johnson
    Randy is a nationally recognized educator, consultant, and writer with over 40 years experience in Strategic Technology Planning, Accounting Software Selection, Paperless, Systems and Network Integration, Business Continuity and Disaster Recovery Planning, Business Development and Management, Process Engineering and outsourced managed services. Randy can be reached at randy@k2e.com

    RSS Feed

Training & Education

Webinars
Upcoming Events
Road to Excellence Online Seminar
Seminars
Conferences
Instructors

Tech News

K2E Canada's Tech Update Newsletter

More

Privacy Policy
About
Contact

K2E Canada Inc.  |  591 Highway 221  |  North Kingston, NS Canada B0P 1R0  |  (902) 200-9207
© 2020 K2E Canada Inc. ALL RIGHTS RESERVED.