For all business owners, small and large, the risk of data breaches, ransom attacks, fraud and other cyber-crime is high, so taking as many steps as possible to protect your sensitive data is a must. The cost to you of any of these forms of attack – not just financially but also emotionally – can be frighteningly high, plus of course, keeping your customer and employee data safe is a legal obligation.
We were recently speaking to a fellow business owner who has been unable to trade for more than a week and who then opted to pay more than $10,000 to unencrypt data they were locked out of as a result of a cyberattack. This business had their security breached, the hackers spent more than a week undetected learning their system and their data recovery procedures before they wiped or encrypted all of their servers and all of their backups – all their accounting data, email systems, Word & Excel files, etc. The stuff that nightmares are made of! Apart from the financial outlay the cost of lost business and the stress involved is not something any of us would want to face.
This is one area of your business on which you definitely need to be on the front foot!
The good news is, there are simple and inexpensive steps you can take to minimise the risk of being compromised by hackers or malware. But there is not a single “silver bullet” that will protect you in all ways, rather this is more akin to “Swiss Cheese Protection” – each individual layer can be breached but with multiple layers, you can vastly reduce your risks. One such layer is 2 Factor Authentication (2FA, sometimes also referred to as 2SA or 2 Step Authentication).
We all use a range of online services (from accounting and banking to groceries and online shopping, social media, and so on), all of which require a user password, but not all of which are equally good at protecting your personal information. The majority of hacking-related data breaches involve weak or stolen passwords. How often do you change your password? If one site is compromised, all your online logins are vulnerable.
Two-factor authentication (2FA) is one really effective way to make life harder for hackers. 2FA works to prevent data security breaches by requiring users to enter more than a username and password to sign into an account, they also have to enter a code (typically 6 digits) which constantly regenerates. The second factor typically takes the form of an auto-generated code, an OTP (one-time password), or a biometric verification on a device (such as a fingerprint). 2FA apps on your mobile phone work really well.
Authenticator apps like Microsoft Authenticator are free, user-friendly options designed to increase data security across your devices. The app will create a new verification code that refreshes every 30 seconds. Other options for 2FA apps include Authy, Blizzard, and Google Authenticator.
Although 2FA makes it considerably more difficult for a cybercriminal to hack your data, there are instances where your sensitive info can become vulnerable (if, for instance, someone were to steal your smartphone and hijack your SIM). 2FA codes that are texted to you are vulnerable to being redirected if a hacker is able to redirect these to their own devices, they are then able to enter the verification code to access your accounts.
Shout out if you need to talk to us about implementing 2FA, cyber security or cloud systems into your business.