3 minute read
Two-factor Authentication The Cyber Security Tool You Need
It Is a Fact, You Need Two-Factor Authentication
By BLAKE DOWLING
Cyber criminals and cybercrime cost our world about $6 trillion last year. This figure is calculated in ransoms paid, destruction of data, lost productivity, stolen money, theft of property and several other criteria. The hospitality industry faces unique challenges to their cyber security. If you have not done a comprehensive review of your cyber security, now is the time.
What is two-factor authentication — or multi-factor authentication, or 2FA as it is often referred to? 2FA is a digital process where a user is granted access to a website, network or application after completing a process involving that platform and then a separate authentication device. The most common example you have probably seen is with your bank. Have you logged into your bank account and then they send a code to your phone which you then enter along with your password to gain access? That is 2FA. The financial sector adopted this approach early and the hospitality industry is still playing catch-up. 2FA was said to have been invented and first made available by the RSA Company in 1986 with a key fob being the authentication tool. In 2010 Google launched 2FA to combat China attacking Gmail accounts. Other companies like Twitter and Dropbox soon followed. Why are these companies doing this? We live in a world of breaches in which passwords are stolen and then sold on the dark web every day. Breaches like the Equifax one years ago put millions of our passwords out there. If a hacker buys your social media account’s password — that you have never changed even though your IT person reminds you to — they log in as you and they are off to the races posting links as you with ransomware or other malware, or worse, on your page. If you have 2FA when that login happens you get a notice on your phone that says something like “there is a user attempting to log in, do you accept, yes or no?” If it is you, you click yes. If you are sitting on the beach and it is not you, you click no and a hack has just been stopped in its tracks.
Some situations that can cause problems would be providing free Wi-Fi to clients. Make sure that network is segmented and is password protected, so there are no loopholes into the network to access credit cards and other confidential information. Make sure you have an enterprise level firewall at your location and deploy features like Geo-IP filtering, blocking non-U.S. IP addresses. This will become even more important with the war in Ukraine as Russia ramps up their cyberattacks on our nation in response to sanctions from the West. Do you own cyber insurance? Have redundant backups? These are all part of the cyber security bundle and the questions you must answer to protect your business. Most importantly, do you have two factor authentication deployed? 2FA also assists with preventing other cybercrime like phishing, key logging and brute force attacks, securing your login information from hackers that are looking to exploit weak or stolen credentials. 2FA alone will not stop hackers but used in conjunction with the other tools mentioned it could be the added advanced threat protection that stops your brand from being another headline involving a breach, hack or other cyber incident. It is just a matter of time until a cyber attack lands on your door if it has not already, that is a fact. Will you be ready?
Blake Dowling is the CEO of Aegis Business Technologies in Tallahassee, Florida, the author of the book Professionally Distanced, and the host of the Biz & Tech Podcast. His tech columns are also published at FloridaPolitics.com and the Tallahassee Democrat. He can be reached at dowlingb@aegisbiztech.com Professionally Distanced: All Access stories from a Florida business during the 2020 pandemic: Dowling, Blake H., Block, Ken: 9798507600595: Amazon.com: Books