With massive, repeated ransomware attacks making news, and cyber-crime increasing rapidly, you’ve probably heard about the need for strong passwords. But the new breed of cyber-criminals are smart, organised, and very convincing; even the well-educated have been caught out. So, are strong passwords enough?
In many cases now, the answer is no. Even with consistent training, there will still be users who fall for scams, make soft passwords, or release password information in hundreds of ways. It is still not uncommon to see passwords on post-it notes, or shared between others for convenience.
Two-factor authentication is a way of making passwords stronger. It adds an element to access, so that to log in to a system, the user must have or know some additional information. There are many methods, from SMS codes to a mobile phone, or tokens with encrypted codes that change every minute.
An extra layer of protection
It is not easy for a hacker to bypass two factor authentication, even when other systems are compromised, making it a relatively simple yet effective security tool. It doesn’t have to be excessively costly. Many websites offer protection free via an SMS – a handy tutorial is available online.
It is worth encouraging your staff to take this extra measure, in particular those responsible for your organisation’s social media accounts. Hacking social media accounts is a common practice now – who could forget Melania Trump seeming to like a post mocking her husband, or the fun Twitter users had when soccer rivals Real Madrid and FC Barcelona were both hacked in the same week.
While those are some less serious examples, account takeovers are costly. Related fraud is expected to reach a cost of US$8.3 Billion in 2018, so it pays to protect yourself and your colleagues. If your organisation does e-commerce, or has customers logging in to any part of your site, offering them protection is a worthwhile endeavour, and will help to strengthen your bond with them.
Increasing security measures
Organisations such as banks are increasingly adding two factor authentication to their security measures. For an extra $20 or so, customers at Suncorp can add a SecurID token, and other financial institutions offer similar measures for business customers. Since Australians lost $521 million to card fraud in 2016, you can see why security is a priority.
It isn’t only hackers that prompt these additional security measures; white-collar crime is on the increase. Theft of databases, financial information, even siphoning funds can be costly both in reputation and direct monetary value. In spite of a recent senate enquiry, penalties for corporate fraud remain low in Australia compared to other nations, so it pays to be on your guard.
While you may think you know your co-workers well, two-factor authentication provides an auditable trail without easy excuses – it allows organisations to prove the perpetrator of any wrongdoing and hold them to account. As a result, it reduces exposure and makes your organisation a less attractive target.
For more information about internet security, two factor authentication options, or securing your business, contact the team at TechPath.
TechPath is hosting a Cyber Security event in Brisbane in early 2018. Register your interest here to be the first to receive an invitation.