Usernames and passwords are not enough to protect your business

Posted by Phil Bird

Managing Director, The PC Support Group

Tue 20th, Nov

I’m always struck by how serious the after effects of cybercrime can be, for businesses and individuals alike. Just one successful phishing attack, or an innocent-sounding conversation with a conman, and the result of years of hard work and sacrifice can all be undone in a few minutes.

When I hear these stories, I reflect on what the consequences could be for my business, my family, my colleagues and our clients too. Data theft is growing rapidly in volume and sophistication, with hackers increasingly adept at creating believable phishing emails and impersonating trusted organisations like banks (called social engineering), to trick people into revealing email addresses, usernames and passwords. And with the growth in cloud-based applications, once criminals have these electronic keys, they can access systems and cause havoc at will, from anywhere in the world.

But by taking some simple, extra precautions, we can all make it harder for the villains and easier to keep the things and people we value safe. There’s one defence that I strongly recommend you apply as widely as possible – Multi-Factor Authentication (MFA).  You’re probably using MFA already. When you log in to your online bank, enter your email or username and password, you're then asked for another code – that’s MFA. It adds an extra security layer, or ‘factor’, on top of usernames and passwords (which, as we know, are often not strong enough), before any access to data is allowed.

Also known as Two-Factor Authentication (2FA), MFA provides a unique, time-limited code via a hand-held device, such as PINsentry from Barclays, SMS or app, that is almost impossible for hackers to intercept. Even if the criminal has a stolen email address, username and password, MFA keeps the data safe.

This is a bit of a personal crusade for me. Every day I speak to SME owner/managers who, just like me and my colleagues, have worked their socks off to make a success of their businesses – and it’s satisfying to play a small part in helping to protect their hard-earned achievements.

Here’s a quick checklist to get you started on MFA:

  • Make a list of everything you and your business accesses using an email address, username and password
  • In particular, identify those systems or services that are cloud or web-based – as they are the ones most at risk of being hacked
  • Check with the providers of these systems (or ask your IT support company) to see if MFA can be applied and then do so immediately

If your current provider hasn’t mentioned MFA to you yet, then I would be a bit worried about that! We regard this kind of advice and guidance as part and parcel of our proactive support service that keeps our clients’ businesses as safe as possible, and delivers reliable, smoothly-running IT.

If you’d like to find out more about MFA, your options and how we can help, speak to our friendly team  here at The PC Support Group on 03300 886 116 or email us on info@pcsupportgroup.com for an informal and confidential chat.

Best wishes

Phil Bird, Managing Director, The PC Support Group

Leave a comment

5 minutes with...

Fri 14th, Dec

Jake Mills, Founder and CEO of Chasing the Stigma

WoMEN in Tech

Fri 14th, Dec

5 minutes with...

Mon 10th, Dec

Robbie Spear, Specialist Insurance Manager at Novo Incident Management

Danny Houghton, Partner at MHA Moore and Smalley interviews Chamber CEO, Paul Cherpeau

Mon 03rd, Dec

Danny Houghton, Partner at MHA Moore and Smalley has had a Q&A session with Paul Cherpeau, Chief Executive of the Liverpool Chamber, on what he thinks of the economy in Liverpool today. Keep reading…

Developing the North’s Major Roads Network

Fri 30th, Nov

Peter Molyneux, Transport for the North’s Major Roads Director, explains why we need a Major Roads Network for the North and how the network has been mapped out.

5 minutes with...

Thu 29th, Nov

Ian Pollitt, Assistant Project Director - Liverpool Waters