The FBI is encouraging small and mid-size businesses to implement two factor authentication for their employees. Many large businesses already have implemented two factor authentication (TFA or 2FA) and have realized a safer cyber environment for their companies. The FBI recently issued a news release in an effort to increase awareness with small and mid-size businesses.
Many people already use TFA or 2FA frequently – for example, when you use your ATM card with a passcode/PIN.
TFA is generally more secure than just a password. TFA means you need two components to access online information. By requiring a second authentication, it makes it harder for a cyber-criminal to access your account or data. The criminal may guess your password and answers to security questions, but usually won’t have your second source of authentication. For TFA to operate, it needs both:
1. Something a person knows – such as a password
2. One of the follow:
· Something a person has – such as a fob with a frequently changing code
· Something a person is – such as fingerprints
· Somewhere a person is – such as location at the time of authentication
As part of National Cybersecurity Awareness Month, FIDO Alliance has introduced Two-Factor Tuesdays, hoping to increase awareness in the value of implementing standardized TFA. FIDO is a trade group focused on establishing standard specifications for a range of authentication technologies. It’s members include major technology companies, banks, and other key partners in the TFA space. There is a significant push in the cybersecurity world to get broader acceptance of TFA to reduce reliance on just passwords.
What you can do
Talk with your IT specialist about how to set up TFA for your employees to access your network, and sites your employees use for business, such as Saleforce.com, Drop Box, or Basecamp. This site is one place where you might start, to see if and how a service provider offers TFA.
Like our daily blogs on all aspects of cybersecurity? Get them daily by following us on Twitter!