REPOST: Can Two-Factor Authentication Keep Your Company's Data Safe?

Hacking has plagued Internet users for as long as the World Wide Web has been available for public use.  With mobile adding to Internet platforms, web companies invest greatly to protect consumers' privacy, many prefer to have their own security checks in place.  This Mashable article discusses the effectiveness of the two-step verification process and other more hack prevention tactics.

Image source: Mashable

Peter asks,

"What's the best way to keep my organization safe from hacking? Is Two-Factor Authentication enough?"

Great question. In the last year, the topic of two-factor authentication — sometimes called two-step verification has become a hot topic amongst consumers and business users.

The idea behind two-factor authentication is that in addition to your regular password, users need to provide an additional bit of information when logging into a service or application. This information is usually a one-time password that is generated either using a mobile app or a physical device such as the YubiKey. Sometimes, those one-time passwords are sent via text message to a user's mobile phone.

Depending on the service and the security settings, these additional passcodes can be required on every login or just when logging in on new machines or from new locations. Most services also require users to re-authenticate themselves every 30 days, regardless of location. The idea is that by requiring additional information that can only be provided by the authorized person, hacks by outsiders are much less likely.

Google first offered two-factor authentication for its Google Apps and Gmail accounts back in 2010. Facebook followed up with its own version of two-factor verification in 2011. In the last year, we've seen other consumer-facing companies follow suit, including Dropbox, LinkedIn,Apple, Microsoft and Twitter.

OK — so is this enough to prevent your organization from being hacked? It's a good step — but two-factor authentication is nota panacea.

The important thing to remember about two-factor authentication is that like all security, it's only as strong as its weakest link. Many companies offer users a way to verify their logins using a mobile app or an SMS code. This means that if a user loses his phone, he's going to lose physical control over that method of authentication.

Because most services don't require users to use a passcode for every login (especially on known machines or networks), if someone gains physical access to your machine, your information could still be compromised.

These situations are unlikely vectors for most hacks, but it's important to remember that while it's a good start, two-factor authentication is not the only solution for security.

If you use consumer-facing web products with your business, we highly recommend requiring all users to use and enable two-factor authentication. In the past few months, we've seen a spate of phishing attacks targeting various organizations that use Google Apps. The use of two-factor authentication greatly reduces the ability for those attackers to break-into accounts, even if they are able to get a user to give up their password.

Here are some additional tips to use in conjunction with two-factor authentication:

• Require all employees to use a different and distinct password for every web service used by the company. What frequently happens is that someone uses the same password for their email as they do for a CMS. That means that even if a hacker can't phish his way into the mail system, he might be able to access other services controlled by that same username.
• Encourage or require all employees to use a password management app such asLastPass or 1Password. I don't actually know the password for most of my most important accounts. Why? Because I use 1Password — a password manager that works on Mac, PC and iOS. Solutions such as PassPack and LastPass are often even more ideal for businesses because they allow employees to share passwords to accounts with one another, without revealing the actual password. It also makes updating shared passwords very, very simple.
• Have a plan in place in case a phone or laptop is stolen. Applications such as Preycan help users track stolen or missing devices. Additionally, tools such as Apple's Find My iPhone and Samsung's Find My Mobile allow users to track and remotely wipe their lost or stolen smartphones.
• Educate employees about phishing scams and tactics. Even the most seemingly-savvy employees can get phished, so it's important to regularly explain best-practices and common phishing techniques to employees. Also, NEVER email passwords.
• Practice what you preach. If you're spreading the gospel of two-factor authentication, make sure you use it yourself.

eSecurity is constantly evolving. Telepacific helps customers thwart malicious attacks with products like OneSecure.  Like this Facebook page to stay updated about the company's other products.

TelePacific Communications Keeps Your Business Communication Lines Stronger than Ever

When your business relies on steady communication in order to thrive, you cannot afford anything less than the best communication service.  After all, your business is on the line, and if it is not on the best communication line available, this could ultimately affect your bottom line.  TelePacific Communications has more than a million lines throughout the country so that you can keep your business moving forward in today’s economy.

Draw the line with companies that offer poor communication service – either in the quality of their telecom devices or in the quality of their customer service.  TelePacific Communications is one company that focuses on offering high-quality network technology along with customer service.  The company offers a modern infrastructure, including metro Ethernet access, soft switches, optics, and NG routers.  In addition, regarding broadband service, businesses in Texas, Nevada and California can have Ethernet, fixed wireless and copper access.

No matter where your business is situated – in East or the West – TelePacific Communications can easily cover you telecommunication needs.  It actually has a private Internet protocol solution that provides a virtual private network covering more than 600 cities in more than 60 nations.

If you need top-notch communication services but want to reduce your expenses or to embrace a technology upgrade, you can even choose to participate in TelePacific Communications’ leasing program and get upgrades right away.  The company truly does work hard with you in mind – striving to meet your unique needs no matter where you do business.

With communication services from a leading company such as TelePacific Communications, you cannot go wrong.  The company has actually received recent awards from Next Generation Networks and Telephony Magazine.  TelePacific Communications will allow you to operate with top-of-the-line service so that you can keep your communication line with customers strong in addition to keeping your bottom line robust for the coming years.