Two-Factor Authentication

Are you using Two-Factor Authentication? ACT Systems have seen a rise in reports of fraudulent use of email accounts in order to steal information or money from businesses in the past months.  Once a “hacker” has access to your email account they can access all your contacts and see your entire email history, a “hacker” can also make use of the contacts and information to impersonate you emailing your contacts and intercepting the replies.

The risk of this happening to you or your business can be greatly reduced by implementing an additional form of authentication to your email accounts.

What is Two-Factor Authentication (2FA)?

It’s nearly impossible to truly secure an online or mobile account with just a username and password. Data breaches, malware, device theft, and various other methods can be used to compromise digital passwords, no matter how secure they are. Almost everything we do on a computer or mobile device is exposed to the internet, and that means those accounts can be compromised. Adding two-factor authentication to an account makes it harder for a stolen password or device to be used against you.

2FA supplements usernames and passwords to provide an account with a second layer of security; it does not replace passwords.  “Azure MFA for Office 365” is a basic 2FA offering within all Office 365 accounts, some users may require a more complex setup than this…

Does your business need “Conditional Access”?

Azure Conditional access is a service that requires additional licensing, costing £4.50 + VAT per license per month.  Conditional Access is not just Multi Factor Authentication, it can build access policies based on device management status (Intune or 3rd party MDM), application type, or a combination of many factors.

Conditional Access would allow an administrator to enable a policy that allows all users connect from a specific Office location (identified by external IP address) to bypass the 2FA procedure, essentially specifying a location as a “safe place”, if however users attempt to login from outside that office location they will be prompted to pass additional security.

Implementation

ACT Systems can assist you in enforcing the policy company wide for more information please get in contact with us