Multi-Factor Authentication is a no-brainer!
The preferred and most common access vector for hackers and spammers is with valid user credentials!
Firm’s can no longer solely rely on passwords, regardless of their complexity, for the protection of their systems and data. Over 30% of users admit to re-using passwords from personal accounts at work. And since passwords have become more complex, users often rely on insecure methods to store their password from post-it notes to non-encrypted files on their computers.
The bottom line is that all firms should employ a multi-factor authentication process.
What is Multi-Factor (2FA)?
Multi-factor authentication is a security protocol where a user must enter more than one security factor to enter the system. Most commonly, this will be the user’s password followed by numeric code which is delivered directly to the user.
Is multi-factor a hassle?
No. It takes seconds to enter the secondary code and the security benefits vastly outweigh typing a few extra numbers. Computing without multi-factor is like texting while driving without a seat belt.
How does it work?
ProCirrus offers 4 primary methods for multi-factor authentication and we offer this service for only $1 per month. You can have multiple options set up on your account as backups in the event your primary option is unavailable.
Its super simple.
When you log in, you will be prompted for your OTP (one-time passcode). Depending on your preferred method (see below) you simply enter that code and you are logged in!
The Four Multi-factor Options
RECEIVE YOUR one time passcode BY TEXT
This is the most common method for firms that allow the use of cell phones
Use free google authenticator APP
This is a free app that you can download to your phone. The app can support multiple sites if you have multi-factor for other locations!
Use credit card sized token generator
This is perfect for firms that do not, or can not, allow cell phone use at work. The user simply presses a button to get the second factor code.
RECEIVE PASSCODE VIA EXTERNAL EMAIL
This is usually reserved as a back up option. Note the email can not email that is protected by the multi-factor service.
Meet compliance requirement or just do the right thing
Whether driven by compliance requirements or simply to adopt security best-practices, adding multi-factor authentication is one of the biggest security returns for the lowest cost and effort your firm can make.