Some of this is because cracking passwords isn’t all that difficult in most cases. To avoid providing access to your bank or credit card accounts, or to other sources of sensitive information, the companies are striving to ensure that only authorized individuals are accessing those accounts or information. In short, it is just a way of making sure that the owner of the login is the one accessing the account or information.
As a brief explanation for those who may be unfamiliar with this process, two factor authentication means using to steps to gain access to the accounts or information. Step one is the login and password/passcode. For many, these are not nearly so secure as the owner might think. Step two is responding to an automated email, text, or phone call to a previously supplied number or address. This either gives the authorized user the access to their account or data or lets them know something nefarious is happening with their user account.
Unfortunately, this security measure isn’t necessary just for large businesses. It is a relatively simple step for small businesses to add and a necessary one to insure they are protecting the sensitive information or accounts they have. As reminder from the previous article and from the Small Business Administration, 43% of cyber attacks target small businesses. Small businesses that suffer damage from these attacks spend $955,000 per attack on average!
If you use computers in your business, regardless of the size of your business, you should be using two factor or multifactor authentication. Even if you are the only employee of the business. The computer should require more than one factor just login. Why? What if that computer gets stolen or accidentally left somewhere? How easy would it be to gain access to the contents? Many people and businesses pay bills with credit card information stored on computers. If someone gained access to your computer, would they be able to go shopping online with your credit cards?
All of this becomes even more important when you employees that are given access to company computers and software. They too should be required to use two or multifactor authentication. This becomes especially important when they are using company laptops and software away from work.
If you haven’t already begun strengthening your cybersecurity processes and procedures, now is the time! Don’t wait to become one of the statistics above. It won’t be long before that $955,000 is over $1 million. If you think about it, at that price to recover, many or most small businesses don’t recover.
Business Tips” was written by James Leavelle, Senior Certified Business Advisor of Angelo State University’s Small Business Development Center. For more information on the topic of this article or the services of the ASU · SBDC, contact him at James.Leavelle@angelo.edu.