Have any question?
Call (516) 403-9001
MSPNetworks Blog
MSPNetworks has been serving the Farmingdale area since 2010, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Businesses are prioritizing cybersecurity more than ever. Many insurers now require companies to meet specific cybersecurity standards before offering coverage, with one key requirement being the implementation of multi-factor authentication (MFA).
Here’s what you need to know and how we can help.
0 Comments
When I was a kid, there was a Tex Avery cartoon where Droopy Dog was chasing down a crook who escaped from jail. There was a particular scene where the crook (I think it was a wolf in a black-and-white striped jumpsuit) takes a bus, a plane, a ship, and a taxi to a secluded cabin, and then closes a series of increasingly complex doors with a large number of locks, in order to hide away from the pursuing cartoon basset hound.
Of course, when he turns around, exhausted by all the effort he puts in, he realizes that Droopy is standing right behind him, and greets him with a monotone “hello.”
I haven’t seen this cartoon since I was 7 years old, but I almost always think about it when I am using multi-factor authentication.
Does Cybersecurity Feel Like It’s a Lot of Effort?
Strong complex passwords, multi-factor authentication, complex policies and rules, and not always feeling like you have total access to everything you need at any given time certainly can feel like a hurdle when it comes to getting stuff done.
Believe me, I get it. As a tech head, I love how secure my information can get, but as a business owner, as a person who just needs to get things done, it really can be just frustrating enough to make it feel like it isn’t worth it.
I’ll never stop advocating it though.
Sometimes, in my head, I might grumble and think to myself—this is stupid, I’m just trying to get into my Facebook account. But then I think, through my Facebook account, I have all of my contacts, many of which are people I do business with. I also own my business page, and a couple of groups that I rely on for networking, and my ads account, which has my business credit card…
You get the idea. It’s just Facebook, but it’s so wrapped around my life that if someone else were to get in there, it could get really messy and complicated.
The same goes for email accounts, bank accounts, and software that stores sensitive information for myself and my business. Basically, anything that you can lock down with multi-factor authentication, you really should, and your employees should all be doing the same.
The Password Just Isn’t as Secure as It Used to Be
Somewhere early on, when the world was figuring out what to do with computers and the Internet, a bunch of folks got together and decided that the password would be the ultimate authentication tool. You just type in your magic words, “open sesame!” and yep, that’s definitely you and can’t possibly be anyone else!
It wasn’t a bad idea back before we were doing banking and storing medical records and other sensitive information online, and before we were using online tools and databases to store tons and tons of client information about people besides just ourselves.
But the password just isn’t that secure. They are easy to crack, and it’s so easy to be lazy about them to the point where they don’t even offer any protection at all. A 12-character password can be cracked with password-cracking software on your average laptop in less than 14 hours, and that time could be much shorter if your password isn’t all that complex.
Plus everyone has the tendency to reuse passwords or establish a predictable pattern in their password-making behaviors… it’s a mess. It’s not a good way to rely on security.
That’s why we have things like multi-factor authentication. Yes, it adds an extra step and can be a little annoying, but it can be streamlined. Here are some tips.
How to Optimize Your Multi-Factor Authentication
- Try to stick to just one single authentication app, preferably one that can be backed up and synced between devices. Give us a call at (516) 403-9001 to help you pick one that works for you.
- Label your accounts in the app clearly, and try to organize them if you can.
- In your password manager, note how the multi-factor authentication works. If it has to come through SMS or email, it might feel a little more efficient if you noted that for yourself so you were prepared as you were logging in.
- Go into current accounts and check to see what your security settings allow you to do. When possible, use the authentication app so you aren’t relying on authentication information coming in from all different directions.
Cybersecurity is complicated, and it can feel like an overwhelming hurdle, but we can help you and your business use it effectively. It is important, and it is something that we should all be using as often as possible.
To get help, give us a call at (516) 403-9001.
Multi-factor authentication is great when it works, but when it doesn’t, it can leave you in a pretty difficult situation. After all, what happens when all of a sudden, you cannot access your secondary authentication methods? We’re here to help you bypass this particularly challenging and frustrating scenario.
First, let’s look at how and why you might accidentally get locked out of your MFA methods.
How Might You Get Locked Out of Your MFA Solution?
Multi-factor authentication works by shoring up the problematic password and augmenting it with other, secondary methods of authentication that are more secure. The logic is simple; two keys for a single lock is more effective than one. You might use a password and a fingerprint scan, or a password and a USB key. Here is a brief rundown of various MFA methods:
- Something you know: A password, passphrase, or a PIN.
- Something you have: Something you own or have in your possession is required to access the account, like a key card, smartphone, or hardware-based security key.
- Something you are: Think biometrics, a fingerprint, or retina scan—something to confirm your identity.
By requiring more than just one form of authentication, it becomes much more difficult for an attacker to get into an account.
Of course, requiring two keys also means that if you lose one of them or forget one of them, you cannot access your account, leading to the exact opposite problem of hackers infiltrating your account.
Potential Solutions to Your Dilemma
Rather than give up immediately and start over, let’s consider two paths you might be able to use to gain access to your locked account.
You might be logged in elsewhere.
Most services and applications using MFA will have a website and an app, and chances are at least one of them will still have you logged in, if you’re like most individuals who dislike the hassle of logging into your account every time you have to use it. You can sometimes check the settings to discover an option that will let you temporarily disable two-factor authentication. You will probably have to provide the password, so make sure you don’t accidentally log out until you have finally gotten control of your account again.
Customer support might help.
Customer support might not be the most ideal solution to your problems, but it’s an effective one. Simply put, you never know what’s possible until you ask about what is possible. There might be a simple way you can get back into your account. If there isn’t, there might still be a way too, but it could take up to a couple of days before it takes effect.
Really, the best way to address this issue is to not find yourself in it in the first place. If you have to open a new account just to get around this frustration, make sure you contact the vendor to disable the old account so that no one can take advantage of the old one.
What Other Options Do You Have?
Most modern MFA tools have contingency plans built into them specifically for situations like these. One way is to set up multiple methods of secondary authentication, like having secondary phone numbers, email addresses, or biometrics in place, providing you with more ways to get into your account should you lose access to one of them.
Many MFA platforms also provide users with recovery keys or backup codes that you can use to communicate with the MFA platform, further guaranteeing that you are the designated user. If you generate one of these codes, you’ll want to ensure that it is protected in a safe place, preferably one with encryption.
If you go the security key route, you should consider getting a second key as well, just in case. Some services enable you to get multiple keys tied to your account specifically because they understand how easy it is to lose something important like this. Plus, if you ever upgrade your key, you’ll have the old one to use as a backup.
Let’s Make Sure Your IT Works
One of our big responsibilities as a managed service provider is making sure you get the value you expect out of your technology, which includes accessing your resources and accounts as needed. We can help you ensure that you are always connected to what makes your business run. To learn more, reach out to us at (516) 403-9001.
Two-factor authentication is commonplace in the office environment, but it’s not commonplace enough, if you ask us. Too many organizations pass on it, placing their security at risk for no good reason. While the methods might vary, the benefits of two-factor authentication are too good to ignore. We’ll walk you through how to set up two-factor authentication for three of the most common accounts in the business environment: Microsoft, Google, and Apple.
But first, let’s discuss what two-factor authentication is and why it’s so beneficial to utilize.
What is Two-Factor Authentication?
It used to be the case that users would only utilize passwords to secure their accounts. However, passwords are easy for hackers to take advantage of on their own. Two-factor authentication uses at least two of the three methods below to secure an account rather than just the password alone, theoretically making it more difficult for a hacker to access an account. Basically, unless two of the three methods are fulfilled, the account will not be accessible. Here they are:
- Something you know (a password)
- Something you have (a secondary device you own)
- Something you are (biometrics, facial recognition, fingerprinting, etc)
Why Is It Important?
Imagine that your online accounts are a house with two doors: one for the mudroom and one for the house proper. If both doors use the same key, a thief only needs to steal one key to gain access to both the mudroom and the house. Now imagine that the mudroom and the house have two different keys. That essentially doubles the effort needed to break into the home.
Simply put, in the same way as the above scenario, it’s much harder for a hacker to access an account that is protected by multiple measures. For example, even if a hacker has your password, if the account is set up to use an external device like a smartphone or biometrics, they still won’t have access to the account. Unless the hacker goes through the trouble of stealing the secondary device or stealing your fingerprints/facial structure (something that is remarkably difficult compared to swiping a password), the account will remain secure.
Setting Up Two-Factor Authentication
Right, let’s get to the bread and butter of this article: how to set up two-factor authentication for the big three accounts: Microsoft, Google, and Apple.
Microsoft
Microsoft recommends that you either have a backup email address, a phone number, or the Microsoft Authenticator application installed on a mobile device before you get started with two-factor authentication for this account. To get started, go to this page and sign in with your Microsoft account. Next, select More security options. Under the option for Two-step verification, select Set up two-step verification. After that, it’s just a matter of following the on-screen instructions.
The first step here is to log into your Google account by going here. Next, in the navigation panel, select Security. Under Signing in to Google, select 2-Step Verification. Finally, click on Get started. You’ll see the directions for the next steps appear on the screen. You can set up your verification step in a variety of ways, including Google Prompts, security keys, Google Authenticator, verification code via text or call, or a backup code. You can also disable this second step on trusted devices, but doesn’t that defeat the purpose?
Apple
To set up two-factor authentication for your Apple ID, go to your account by clicking here. Sign in, answer your security questions, then click Continue. If you see a prompt to upgrade your account security, tap Continue. Click on Upgrade Account Security. You can then add a phone number for which you will receive verification codes via text message or phone call. Click on Continue, enter the verification code, and turn on two-factor authentication.
Want to get started with two-factor authentication for your business? The three accounts outlined above are just the tip of the iceberg. MSPNetworks can help you implement a multi-factor authentication system that secures your data and network. To learn more, reach out to us at (516) 403-9001.
