Passwords alone aren't secure
Traditional password security is becoming less and less effective as hackers use attack vectors such as phishing, brute force attacks, spraying attacks, and various other means of password compromise to gain access to a user’s systems and accounts.
Tougher password security can combat weaknesses in access points, and also offer small business a competitive edge by showing that they take their security (and, therefore, their customers' security) seriously. It also facilitates interaction with enterprise companies as part of a supply chain.
The Government recommends multi-factor authentication (MFA)
The National Cyber Security Centre (NCSC) notes that “it doesn't matter how ‘good’ your password is, it’s not enough to secure access to valuable online services on its own”. As such, the centre published guidelines in June 2018 urging organisations to utilise multi-factor authentication (MFA), an authentication process that requires users to present at least two pieces of identifiable information to gain access to an account.
For example, MFA can prompt users to present both a password and a PIN. Users can also be asked to offer a thumb print along with a PIN and/or password as a means of MFA.
Why use MFA?
The security MFA offers can be a significant advantage to small business, as it allows an extra layer of protection without requiring processes that employees may find cumbersome. Much more importantly, it puts hackers at a distinct disadvantage as it hinders attacks such as phishing attacks and brute force attacks considerably by preventing hackers from gaining passwords for a single point of entry.
And as the NCSC points out, stealing a password is relatively easy these days. Even stealing a second identifiable factor may be simple to do the NCSC notes, but stealing a matching pair is not so simple, which is why MFA is so effective.
How small businesses can upgrade to MFA
Switching from traditional login security to MFA may seem like a daunting task for small businesses, but it’s a simple process that can be managed easily with a cloud-based service, such as the one offered by Duo MFA, for example, has a variety of MFA processes that small business can take advantage of.
For example, Duo Push allows users to authenticate themselves using push notification sent via the Due Mobile app. It also supports Universal 2nd factor (U2F) security tokens, hardware tokens, mobile passcodes, SMS, callback, and biometric authentication.
For small businesses, a service like Duo can be the solution. It requires zero IT resources to run and can offer cost cuts in areas like internal help desks by offering fast deployment at scale. Duo can be the answer to password security concerns.
Duo MFA implementation and pricing
Implementation, deployment and use of Duo is extremely simple, and the offering has four different pricing structures to choose from: Duo Free; Duo MFA at $3 per user, per month; Duo Access at $6 per user, per month; and Duo Beyond at $9 per user, per month.
For more details on what Duo can do for you and your small business, check out this video and be sure to sign up for your risk-free trial to see how Duo can help you manage your password security and offer you a simple and effective path to MFA.