Cappuccino Chat - Episode 16 - 2 Factor Authentication

welcome back to another episode of cappuccino chat this time we're going to talk about two factor or multi-factor authentication so grab a cup of coffee let's chat this time we're going to talk about multi factor or two factor authentication what it is why you should use it when you should use it and how to identify those risks associated with the appropriate time to use it I know that all sounds confusing but it's not so the two factor authentication or multi-factor authentication what that is is is multiple layers of authentication so most times we're used to seeing this a lot with our banks when you're doing any kind of online banking if you are not seeing this when you're doing your online banking look for a different bank or contact your bank immediately to enable that feature for yourself so what it is is you type in your username and your password at that point it's going to come back and challenge you with another form of authentication now normally for most of us that's cell phone text or an application that text is going to give you a PIN number or the app will give you some kind of PIN number to a authenticate with there's also in the medical field biometrics in the movies you see retinal scanners and the government they'll actually use those those types of layers are also layers of multi-factor authentication so again we're challenging you with something that you have to know two different passwords basically to get let in now when should you use multi-factor authentication with your business there's two times when I recommend using it so if you allow remote access into your network by employees or yourself or vendors you definitely want to turn on multi-factor authentication that could just be with your VPN or multi-factor on top of your VPN again we need to identify those risks but if you are allowing outside access into your network you definitely want to consider the risks of turning on of not turning on actually multi-factor authentication when else should it definitely beyond anything that you're using in the cloud so if you are doing online banking right any kind of your cloud applications whether it be POS maybe QuickBooks Online any of your other core applications that may be hosted with a cloud provider or be provided via a web browser you want to enable two-factor authentication if that partner if that application doesn't offer two-factor authentication you should really consider finding someone else that take security seriously in today's world your standard password that everyone doesn't do a good job of password hygiene in changing their passwords managing their passwords ensuring that they change their passwords two-factor authentication is a must now two factors not the end-all be-all it is not going to stop everything right so for instance your office 365 or Google Apps for any of you that use Google as well turning on two-factor authentication is great so if someone goes to get into your email they're going to need that extra code but let's say you're on your computer either at home wherever accessing outlook and it prompts you for two-factor great you're going about your business you're doing your daily life and an email comes in and you get redirected to a website that you know is malicious has a kind of code on it at that point they've already bypassed the two-factor because you've entered the code so again just by entering two-factor authentication and enabling that does not mean you need to ignore all other layers of security if you're not sure what other layers of security you should be considering see my other video where I talked about why you should have layered security inside your business now one thing that we need to do to help you determine where this is at is do some kind of risk analysis so again are you opening yourself to outside vendors or employees the answer is no again don't you have a very low risk of why maybe we be using two-factor authentication but let's say your clients come into your office so you're constantly having strangers basically in and out of your office and when they come into your office they could get access to maybe a computer or a terminal of some kind think of a doctor's office when you walk into a doctor's office you can win two though the room the nurse will come in pull up your chart you know take your blood pressure check your temperature all those good things and then they leave the room well if they leave the screen unlocked anyone can then access that terminal at that point right so that is bad we would definitely want to enable two-factor authentication so we don't want them guessing a weak password or just typing on the keyboard and opening and opening the application to view or change data at that point that would be bad but let's say you don't have users your clients come into the office again then your list your risk goes way down now if you then use cloud applications which most of us nowadays are using some kind of email application and we're not posting email as much internally so we're going to be using office 365 or Google Apps or some other kind of email provider again you're gonna want to turn that on that's pretty easy to do most services allow for some type of two-factor built into it office 365 does and I know Google does as well some of your other third-party email applications probably have a way for you to turn it on you may just need to go in there and enable it and you should maybe you don't do any cloud applications either again your risk comes low so there would be possibly no need to enable two-factor authentication in the medical industry there is a good reason to enable two-factor and at that point even just turning on and logging into your computer we would possibly want to consider enabling two-factor authentication even for that very first layer again if computers and terminals get left unattended where a end user can walk up to it hit the keyboard move the mouse and possibly get access to system we would want to have that extra layer of locking the screen and even two-factor authentication so if you have any questions about why when where you should enable two-factor authentication definitely reach out give us a call seven six zero seven seven zero five two zero zero see you next time you