Talk to almost anyone these days, individuals or businesses, about what they should do to secure their accounts and the first thing they will say is “have a strong password”! This should be different for every account, never share it, change it regularly and use a password manager if you can’t remember them such as LastPass. They may then go on to say the next step is 2FA or MFA
Enabling 2FA is free, easy and something we talk about in our Cyber Education with companies. It will provide a further barrier to your accounts from these pesky hackers who are after easy accounts to hack and exploit.
So what is 2FA and MFA?
2FA stands for 2-Factor-Authentication
2FA, is an additional step to your log in process. This happens after you have provided your username and password and can consist of an authentication email or SMS text being sent to you to confirm your identity.
MFA stands for Multi-Factor-Authentication
The additional verification step can present itself in many ways such as fingerprint scanning, facial recognition, or smart cards. Most applications or accounts now have this feature available. It is easy to enable and takes moments to set up.
Why is it a key part of our Cyber Education training? Because it relies on you physically being present to authorise the access, whether this be via your phone or laptop. It eliminates almost all hacks, even if you provide your password to a hacker.
Where should I enable 2FA?
Any site that offers it! If you check out the account or security settings on the website, you should be able to find out if they do or not. Applications such as ‘Authy’ or ‘Microsoft Authenticator’ are great as they will store your authentication codes all in one place on a registered device. You just simply scan a QR code on the website, while using the app. These apps will be available from your trusted App store.
- Any site that has your payment details
We recommend that you ensure any sites that have your payment details have 2FA enabled to protect you further as these will be more attractive to hackers. Major sites such as eBay and Amazon have MFA functionality under your account settings.
- Social Media
All social media sites have the ability to enable 2FA. People tend to disclose huge personal details about their lives which could give hackers the ability to commit fraud, impersonate you or blackmail your family or friends.
Banks have been at the forefront of security for a while now to prevent hackers and fraud, but it still can happen. Usually they now have MFA in place (more than two layers) to protect you and will have detailed policies in place for you to ensure you are as protected as possible.
All major email providers have 2FA/MFA in place and can be activated via security settings. Remember that your email mailbox has personal details about all aspects of your life.
Are you still vulnerable even with 2FA or MFA?
In short yes, but in reality having 2FA/MFA enabled as a standard consumer will protect you against the vast majority of attempts to exploit your accounts. It truly depends on the types of authentication your provider allows you to use, and the level of access the hacker has to your current accounts. For example if you have MFA enabled for Facebook which sends you an email whenever you login to Facebook, this is only effective if the hacker does not have access to your mailbox.
Southern Solutions provide Cyber Education for all our contract customers but we also provide education as an AD Hoc service for customers we do not.
Providing education has been proven to reduce the risk of breaches and we feel it is an imperative line of defence when it comes to the security of your business.
If you are concerned about your business Cyber Security or your business Cyber Education please call Oli on 02382 022099 for an informal chat and some valuable advice.