Blog

Is 2FA Worth the Trouble?

Is 2FA Worth the Trouble?

I want to start this article out by admitting that there are a lot of active threats out there these days. There are hackers--hacking collectives, actually--that’s whole purpose is to infiltrate businesses and steal data, money, and most often, the trust people have in their technology. One way to help keep your stuff secure is by relying on two-factor authentication. 

Two-factor authentication (sometimes called multi-factor authentication) is the practice of expanding on the protection that is attained by using a password. After a person logs in with their password a two-factor authentication platform requires a separate code--typically generated by an authentication app or a text message or email to an assigned number/email address--to gain access to whatever is secured. 2FA is pretty standard on most online-based platforms nowadays. All things considered, it does help beef up security; but, can 2FA be more trouble than it’s worth? Let’s take a look. 

With many software developers now incorporating two-factor authentication into their applications, it has become pretty commonplace to have the option regardless of the software you are using. Some of the best times to roll out two-factor authentication are when you have sensitive, personal, or proprietary information to secure. While there are cracks in the foundation of this method of access control, many businesses require that their staff sign into email or line of business apps using a 2FA system. Better safe than sorry, right?

In the business setting, it makes sense to put this strategy to use. While it may be mildly irritating for your staff, the benefits, if only for organizational piece of mind, are worth the reward. Individuals, on the other hand, don’t typically need the end-to-end security that a business needs. Those that do employ some degree of additional security (beyond passwords) don’t always find it to be helpful. There is also the small matter to discuss that suggests a 2FA platform doesn’t even work.

Wait, Two-Factor Authentication Doesn’t Work?

Studies have shown, and have been corroborated by industry professionals, that two-factor authentication is just like any other currently-used, non-biometric security standard: about to be antiquated. Today, hackers are creating phishing websites that look just like the corresponding site on a web services website that states that their account information is about to go bad. The fooled party enters the information needed and now the hackers have the password, the one-off authentication code and complete access to the system. 

This may be a troubling trend, but rest assured, it is typical of every security strategy that has come up. The predominance of hacking makes all efforts seem insecure. Think about what you’ve been told. Just a short time ago you had to have a near-random passphrase, before that you needed to use a password manager, before that you needed to have a complex password of at least 12 digits that included capital and lowercase letters, numbers, and symbols. That’s not to say that 2FA doesn’t work. It absolutely does. Just be mindful that relying too much on one part of your access control strategy will likely result in data breach, headache, and frustration. 

2F-Awesome Situations to Use Two-Factor Authentication

Two-factor authentication may not be the be-all, end-all to your security needs, but it is still better than nothing. Here are a few situations where you will absolutely want to institute 2FA:

  • Remote access to corporate networks - With businesses using a more mobile workforce, securing remote endpoints makes a lot of sense. 
  • Ecommerce - Anytime you require people to submit or view sensitive or financial information, using 2FA is a good practice. 
  • Cloud services - Shared computing resources in the cloud should be secured to their max.
  • Password recovery - People lose their password. Getting a new one should be a very secure process. 
  • Communication platforms - If protecting your identity is important, locking down accounts on social media, email, and other communication applications with 2FA will add an extra layer of security.

Two-factor authentication can be a mixed bag. Some people swear by it, some people won’t. If your business wants to do what it can to secure its digital assets, it can do a lot worse than using 2FA. Call the IT experts at White Mountain IT Services today to have a conversation about how to properly roll out your 2FA platform at 603-889-0800. 

Related Posts

Telework has become crucial for businesses to sustain themselves right now, as remote work became a hard and fast requirement in the face of the coronavirus. However, if businesses aren’t careful, they could trade one issue for another in exposing th...
When we think of cybercrime, most people’s minds go to one of two places. On the one hand, some think about the annoying, misspelled emails that are so obviously scams, while on the other, we can’t help but think about the hacks that we see in movies...
Ransomware is the scariest type of malware out there. It can have a myriad of negative effects on a business, yet it seems to still be on the fringe of the mainstream. Today, we thought we would give somewhat of a refresher course on ransomware. ...
The password is the core element of both data security and user authentication. This makes the construction of them extremely important to protecting digital assets. Unfortunately, not everyone understands how to construct passwords that actually wor...
With COVID-19 creating an unsure situation for so many businesses, and by extension their employees, these employees are suddenly finding themselves in a vulnerable position. Regardless of whether or not your employees are able to come into the offic...
With the COVID-19 crisis far from over, many businesses have had their attention pulled away from their cybersecurity needs by the concerns that the current health crisis has generated. Here, we’ll be reviewing some of the observations that a group o...
Small business owners are always on the lookout for that “special something” that will bring added value to their offering. In 2020, with COVID-19 sticking around, it has been difficult for businesses to commit to any new investments. To keep revenue...
A security audit is designed to test the overall integrity of your business when it comes to its IT security. In today’s environment, businesses need to have strengthened fortifications in place to protect themselves from cyberthreats, and these fort...
Starting in 2008, Verizon has produced a report outlining the cybersecurity incident trends that the previous year demonstrated. In doing so, they have provided a resource that gives businesses greater insights into where their cybersecurity efforts ...

Quick question. If I were to ask you, on the spot, to tell me where all of your company data is, right this moment, could you tell me with absolute confidence? What if I could prove you wrong?

Conferencing has been an important tool for businesses as stay-at-home orders have moved their operations out of the office and into worker’s homes. While there are dozens of video conferencing solutions on the market, businesses should consider secu...
Protecting your online accounts, your data, and your customers’ information is now more important than ever. Industry and state-mandated compliances are now forcing businesses to tighten their cybersecurity, and it’s critical that every human being o...

Onsite Service Coverage Area

Although we provide remote services and support to businesses in over 20 states, onsite services are limited to within reasonable driving distance from our office in NH.  For locations outside of our service area, we will manage a local vendor to provide onsite assistance when needed.

 

Onsite Computer Support Services are available to businesses within 100 miles of Nashua New Hampshire. We have excellent onsite coverage from Concord NH, south through Manchester NH, and then down into Boston. From Northern and Central Mass, we cover from Worcester, east to the North Shore, including the Salem and Portsmouth NH area.

 

White Mountain IT Services
33 Main Street, Suite 302
Nashua, New Hampshire 03064

 

603-889-0800

map nashua4 1

 

Open Positions