Why do I have to get a txt message to sign into systems/services? What happened to just entering my username and password?
Answer, Multi-Factor Authentication (MFA). If your systems aren’t using MFA, then you should enable them and start using it. Why? Email is still the number one way hackers are gaining access to sensitive data and using that data to cause other damages. If an attacker gains access to an email account they can perform the following:
- Send out emails from this account to other users, customers, vendors, etc to gain access to other sensitive information.
- Send emails to internal financial employees to perform wire transfers to the attacker’s bank account. Since the email is coming from an internal user the request for wire transfer looks legit and is usually performed.
- Send email to internal security personnel requesting alarm codes.
MFA protects against these types of attacks by requiring the person signing into the system/service to provide a second, or even in some cases a third, piece of information that only the authorized user has access to or possession of. If your email system doesn’t have MFA capabilities, then it’s time to switch!
CBTech Support helps its clients implement MFA, and other security layers, to keep their data secure. This ensures that only authorized users are signing into their email, and other systems, which protects against the myriad of compromises that can develop from the breach. Contact us to learn more http://bit.ly/2pPj4C8