Usernames and passwords are not enough to protect your business

Posted by Phil Bird

Managing Director, The PC Support Group

Tue 20th, Nov

I’m always struck by how serious the after effects of cybercrime can be, for businesses and individuals alike. Just one successful phishing attack, or an innocent-sounding conversation with a conman, and the result of years of hard work and sacrifice can all be undone in a few minutes.

When I hear these stories, I reflect on what the consequences could be for my business, my family, my colleagues and our clients too. Data theft is growing rapidly in volume and sophistication, with hackers increasingly adept at creating believable phishing emails and impersonating trusted organisations like banks (called social engineering), to trick people into revealing email addresses, usernames and passwords. And with the growth in cloud-based applications, once criminals have these electronic keys, they can access systems and cause havoc at will, from anywhere in the world.

But by taking some simple, extra precautions, we can all make it harder for the villains and easier to keep the things and people we value safe. There’s one defence that I strongly recommend you apply as widely as possible – Multi-Factor Authentication (MFA).  You’re probably using MFA already. When you log in to your online bank, enter your email or username and password, you're then asked for another code – that’s MFA. It adds an extra security layer, or ‘factor’, on top of usernames and passwords (which, as we know, are often not strong enough), before any access to data is allowed.

Also known as Two-Factor Authentication (2FA), MFA provides a unique, time-limited code via a hand-held device, such as PINsentry from Barclays, SMS or app, that is almost impossible for hackers to intercept. Even if the criminal has a stolen email address, username and password, MFA keeps the data safe.

This is a bit of a personal crusade for me. Every day I speak to SME owner/managers who, just like me and my colleagues, have worked their socks off to make a success of their businesses – and it’s satisfying to play a small part in helping to protect their hard-earned achievements.

Here’s a quick checklist to get you started on MFA:

  • Make a list of everything you and your business accesses using an email address, username and password
  • In particular, identify those systems or services that are cloud or web-based – as they are the ones most at risk of being hacked
  • Check with the providers of these systems (or ask your IT support company) to see if MFA can be applied and then do so immediately

If your current provider hasn’t mentioned MFA to you yet, then I would be a bit worried about that! We regard this kind of advice and guidance as part and parcel of our proactive support service that keeps our clients’ businesses as safe as possible, and delivers reliable, smoothly-running IT.

If you’d like to find out more about MFA, your options and how we can help, speak to our friendly team  here at The PC Support Group on 03300 886 116 or email us on info@pcsupportgroup.com for an informal and confidential chat.

Best wishes

Phil Bird, Managing Director, The PC Support Group

Leave a comment

Rawhide Custom

Fri 08th, Feb

Carving a niche market through customisation, personalised detail, and social media

5 minutes with...

Fri 08th, Feb

Peter Taaffe, Managing Partner at Liverpool-based accountancy firm BWM

Will we still be saying “Cheers” after Brexit?

Mon 14th, Jan

This is the second of a series of articles from the Liverpool Business School, Liverpool John Moores University, focussing on contemporary issues for local businesses.

How to prepare your business for sale

Mon 14th, Jan

Corporate solicitor James Pressley from Kirwans law firm looks at the key points to consider when thinking about selling your business.

5 minutes with...

Fri 11th, Jan

Wayne Blair – Senior Project Manager at Kier Construction North West