One UK company is hacked every 19 seconds.1 Cyber-crime is an existential threat to business. However, many organisations fail to take even the most basic precautions to protect themselves. In this article, we look at how the adoption of a simple, inexpensive security measure known as Multi-Factor Authentication (MFA) can help prevent hackers ransacking your systems.
Leaving the backdoor open
Security is only as good as its weakest link. A high-tech security system is useless if you leave the backdoor open. Similarly, it’s easy for hackers to access your systems if you and your staff use weak passwords. Last year, the UK’s National Cyber Security Centre (NCSC) reported that 23.2 million hacked accounts used the password 123456.2 Weak passwords are easy to hack with the right information. That’s why cyber criminals trawl through peoples’ social media profiles. They are looking for the dates of your children’s birthdays and names of family pets. All the things that make weak passwords vulnerable to attack. They can also use this information to trick you into revealing login credentials through phishing emails and bogus text messages.
Counting the cost of being hacked
Once a hacker has access to your systems, they can steal confidential data, damage software, spread malware and hold your company to ransom. The harm and disruption caused can cost you a small fortune in lost revenue, negative publicity, network repairs, legal fees and regulatory penalties. The cost of damage related to cyber-crime is projected to hit £4.87 trillion annually by 2021.3
Strong password management
Certainly, cyber-crime represents a clear and present danger to every business. However, there are simple things you can do to minimise the risks. First, introduce a password policy. Strong passwords should be a combination of at least 12 alphanumeric and special characters, the longer the better (8Hkl%n4@79!dcX7#WeX54). Never use the same password twice. Don’t write down your passwords. Instead, use a secure password manager.
To improve password security with minimal fuss, introduce Multi-Factor Authentication (MFA). As the name suggests, Multi-Factor Authentication requires two different forms of verification. Typically, this is something you know like a password and something you have such as your fingerprint or a mobile app.
MFA is easy to implement and inexpensive to setup. It is already widely used for online banking, games and social media, so will probably be familiar to many of your staff. MFA adds that extra layer of security you really need when staff are working remotely from home or accessing the company database from insecure locations such as airports and cafes.
In some cases, MFA can alert you that someone is trying to hack into your systems. If you get an authentication request pop-up on your phone, when you have not tried to login, then you will know something is wrong and can take action to protect your data.
Good for business
Adding simple security measures like MFA can even be good for business. Customers and partners will appreciate that you are making that extra effort to protect their data. Similarly, MFA can be used to demonstrate good governance and help meet compliance duties. You should also see a reduction in suspicious user account activity that requires password resets. This will save you time and money otherwise lost to unexpected downtime.