Categories
IT Security IT Solutions Managed IT Services

When Two-factor Authentication Is Not Enough

Interesting to see an article stating when two-factor authentication is not enough but this is a reality organization must face to understand their cyber security.

Two-factor authentication (2FA) or multi-factor authentication has been one of the best and most secure go to gold standard of cybersecurity.   Many are still adopting it at a fast rate however there still are many not using it.

There are many cyber security solutions and services out there, but you cannot build any security solution without two-factor authentication enabled.

In an interesting turn of events, a professor at the Rochester Institute of Technology professor suggested two-factor authentication (2FA) can be manipulated by bad cyber criminals.  His business article makes a strong case that managed IT services providers (MSP), IT departments, and other IT security professionals should not take this potential weakness for granted.

It is important to understand the fact that two-factor authentication (2FA) is not 100 percent guaranteed and by no means is this a reason to stop using it as no security tool or service is perfect.  Two-factor authentication (2FA) is still worth using as it still significantly decreases the likelihood of account compromises.

A recent The New York Times article stated that 2019 was a tough year for two-factor authentication (2FA) as many organizations were enabling two-factor authentication (2FA) thinking it was enough and ignored that a smart cybercriminal could still get access to your account.

When Two-factor Authentication Is Not Enough 1

So, where does two-factor authentication (2FA) stand today in 2021?

An online cyber security service recently caught up with a couple of noted cybersecurity experts for their thoughts on the current state of two-factor authentication (2FA) and there were some interesting points.

They all confirmed that two-factor authentication (2FA) is not perfect, but it is still safer than not using it at all.

The battle against cybercriminals and hackers is an ongoing battle with no sight of the end.  Organizations need to increase their spending on their IT cyber security budgets and also measure if the in-house team can handle all the new threats.

Whether and organizations is using two-factor authentication (2FA) or other any other technology such as biometrics, if an organization does not have the business culture about cybersecurity, then it will not matter what cyber security service you pick.

Corporate users are not always safe, and cybercriminals will find a way to access the network.  It is very important to continue cyber security education as well as changing your IT best practices as a regular routine.

Organizations need to increase spending on their IT infrastructure as well as hire the right IT professionals to keep the system and data secure.   Your IT partner should continue education in cyber security knowledge and skills.

The most potent weapon organizations and managed IT services (MSP) can deploy is not technology, it is educational.

When two-factor authentication is not enough?  There are ways to make it better.

When you use two-factor authentication (2FA) for security purposes, you usually gat an SMS message.  This message can be intercepted and decoded by cyber criminals.   To get around this, some organizations use Virtual Private Networks (VPN) connections on all devices as this will encrypt the data from point-to-point.

365 iT SOLUTIONS  is federally certified by the Canadian government under CyberSecure Canada certification.

Have Your Passwords Been Stolen in a Data Breach?

Our free data breach scan today will look at the Darkweb to investigate if your passwords have been stolen in a data breach.

365 iT SOLUTIONS  is a leading Cloud Services Providers Toronto and Managed Security Services Toronto.

365 iT SOLUTIONS  offers industry leading Managed IT ServicesManaged Security ServicesIT Support ServicesIT Outsourcing ServicesTech Support ServicesCloud ServicesBusiness continuity and disaster recovery (BCDR), and Cyber Security Training and Dark Web Monitoring as an IT consulting boutique firm in Toronto.

We Make IT Simple!