Multi-factor authentication is one of the easiest tools to thwart a hacker, yet it’s often not implemented at small- and medium-sized manufacturers. Here’s what’s crucial to know:
- “It’s a best practice to stop a bad actor from accessing your account, and more powerful when partnered with a strong password,” says Laura Élan, MxD’s senior director of cybersecurity.
“Here’s why it’s so important – because there’s often resistance to using strong passwords,” Élan says. “They’re difficult to remember. If you write them down, you often lose them. Companies often don’t force employees to use passwords of sufficient length to be difficult to crack using common hacking methods. Consequently, if you don’t use strong passwords, multi-factor authentication is your best bet. In fact, it’s often easier for people to actually follow, because it doesn’t require them to remember anything.”
- Two-factor or multi-factor authentication is based on the idea that your login and password are reinforced by something that you have (like your email or cell phone), something that you are (such as biometric data from your face or fingerprint), and something that you know (such as a passphrase, password, or token).
“It has to use at least two of those things, preferably all three,” Élan says.
- Put it on the software that is most critical, and email is the most critical.
“Email is a treasure trove of data that bad actors can use,” Élan says. “Also ask yourself, what systems, if they were compromised, would disrupt your business operations? You want multi-factor authentication on any system that, if taken down, would take down your business.”
- Put it on your company’s Wi-Fi network access.
If a bad actor gets into a shared network, he or she, using sniffing tools, can peer into your computer and steal information, such as login information, Élan says. Make sure only the people you want to access your network access it.