Why Two Factor Authentication is Now Mandatory for Accounting
Financial data is your company’s greatest asset. As a result, it’s also your company’s biggest liability.
The global cost of cybercrime is projected to reach $6 trillion annually by 2021. In response, more than $1 trillion will be spent on cybersecurity between now and then. Hackers are highly motivated to go after financial data, and companies are scrambling to stay ahead of attacks.
The good news is that one of the most effective defenses is also one of the most affordable and accessible.
What is Two-Factor Authentication?
When you log in to something like your email account you’re asked for a username and password. After supplying the correct information you’re granted access. This is an example of single-factor authentication.
With two-factor authentication users are asked to supply an additional piece of information. Often, a randomized six-digit code is sent by SMS to the user’s phone. After they have supplied first the username and password and then the six-digit code, access to the email account is granted.
A dedicated pin or a biometric marker could also be used instead of a randomized code. The idea is simply to create another hurdle that hackers must clear before gaining access to sensitive information.
Why is Two-Factor Authentication Important?
One of the biggest accounting stories from 2017 was the revelation that Deloitte had been hacked and that the breach had been covered up for months. As details were revealed, however, it became clear that the lack of two-factor authentication was at the heart of the problem.
Login credentials are notoriously easy to steal. Users choose easy passwords and use them across multiple accounts. If and when these credentials are stolen, hackers have access to a treasure trove of valuable information stored inside of an email inbox or other protected accounts. This is exactly what happened at Deloitte after hackers compromised a single email account from a low-level administrator.
With two-factor authentication in place the hackers would have struggled to clear the second level of authentication. This form of protection is not ironclad, but it does deflect all but the most motivated hackers. Better still, the extra layer of security is not cumbersome for users.
After one of the big four accounting firms falls victim to the most basic type of cybercrime, it’s time for everyone in the industry to get serious about cybersecurity. When an attack is likely and the consequences are severe, no company can dismiss proven security measures like two-factor authentication.
Data security is just one component of data management. Optimizing every component is important because data management is at the forefront of today’s and tomorrow’s accounting. When you’re ready to explore this issue with experts, contact InCloud360.