Many companies – particularly those involved in banking and e-commerce – use 2-factor authentication (2FA) to secure their customers’ information and accounts. This simple security measure can prevent account takeovers, fraudulent activity, and identity theft.
As we have explained previously, with 2FA a customer who wants to access their account not only enters their username and password but is also asked to prove their identity using a “second factor” on top of the password. This second factor can involve something they have (like a phone) or something they are (like biometrics).
However, are companies requiring their employees to use 2FA? It seems not. According to one internet security source, only 45% of businesses surveyed were using more than one authentication factor (and this was from a sample set of companies already using password managers). Worryingly, larger companies fared even worse: only 3% of organizations with over 10,000 employees used such authentication checks.
Why does this matter? Because so many security breaches are attributable to human error. People tend to trust that their company’s information security team has everything covered, or choose convenience over security concerns.
As with most people, passwords are a problem: people reuse passwords across different sites (and not just those used for professional purposes) and even write them down, leaving them in plain view. They can also be guessed or cracked by attackers who have access to employees’ personal details through social media or phishing. Busy professionals are particularly vulnerable to various kinds of phishing attack, as they don’t always have the time to rigorously examine the address an email was sent from (assuming an attacker hasn’t managed to simply “spoof” the email address of a fellow employee).
These kinds of vulnerability represent an opportunity to gain access to a company’s systems, including their internal networks, file storage, and email programs. Among other threats, commercially sensitive information can be copied from company servers, malware can be introduced, and client information can be skimmed from intercepted emails.
At GMS, we work with hundreds of clients and partners across the globe. We pride ourselves on our secure solutions, and so it is incumbent upon us to ensure that we incorporate security into every aspect of our business.
That’s why, amongst other things, we keep up to date with our ISO/IEC 27001 certification, conduct yearly third-party and internal security penetration tests, and of course, employ 2FA ourselves. Two-factor authentication helps us protect our client- and internet-facing systems and our infrastructure, and secures various utility programs used in day-to-day business.
2FA protects access for employees in the same way that it does for customers. Compromised, stolen, or simply weak passwords can be mitigated by also requiring a security code delivered to a device to which only the authorized user has access.
In the scheme we offer, GMS delivers a call to the user’s phone when that user enters their login and password. The last four digits of the incoming number (which can be randomly assigned at each call) form the authorization code. The user then enters this code to complete the login process. If the user is not trying to access the account, they will receive a missed call, alerting them to the attempted intrusion on top of stopping the attacker from proceeding any further.
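The server side of a call-based code check like the one described above can be sketched as follows. This is an added example, not GMS's code: the class name, the caller-number prefix, the two-minute lifetime and the three-attempt limit are all assumptions, and placing the actual call is left to the telephony provider.

```python
import hmac
import secrets
import time

CODE_DIGITS = 4
TTL_SECONDS = 120             # assumed lifetime of a code
MAX_ATTEMPTS = 3              # assumed guess limit per login
CALLER_PREFIX = "+10000000"   # constructed placeholder, not a real number range


class FlashCallVerifier:
    """Issues a random 4-digit code per login and checks it once."""

    def __init__(self, clock=time.monotonic):
        self._pending = {}    # user -> {"code", "expires", "attempts"}
        self._clock = clock

    def start(self, user):
        """Create a fresh code; return the number to present as caller ID."""
        # secrets (a CSPRNG), not random: the code must be unpredictable.
        code = f"{secrets.randbelow(10 ** CODE_DIGITS):0{CODE_DIGITS}d}"
        self._pending[user] = {
            "code": code,
            "expires": self._clock() + TTL_SECONDS,
            "attempts": 0,
        }
        return CALLER_PREFIX + code

    def verify(self, user, submitted):
        """True only for the right code, in time, within the attempt limit."""
        entry = self._pending.get(user)
        if entry is None:
            return False
        if self._clock() > entry["expires"]:
            del self._pending[user]
            return False
        entry["attempts"] += 1
        # Constant-time comparison on bytes avoids leaking matching digits.
        ok = hmac.compare_digest(submitted.encode(), entry["code"].encode())
        # Four digits give only 10,000 values, so the code is single use
        # and is discarded once the guess limit is reached.
        if ok or entry["attempts"] >= MAX_ATTEMPTS:
            del self._pending[user]
        return ok
```

With only 10,000 possible codes, the expiry and the attempt limit carry most of the protection; without them the code could simply be guessed.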
2FA enhances security while being quick, introducing a minimum of friction. That’s what makes it good for customer-oriented applications. But this also makes it an efficient and effective way of tuning up a company’s internal security. Accustoming employees to following security protocols is essential, so it’s vital that the process is straightforward for them to integrate into their routine.
But perhaps most importantly, 2FA works, with device-based options (such as a phone) unquestionably proving to be the most effective. Companies that only rely on passwords and employee common sense are at serious risk of account takeover and network intrusion, and something as simple as adding another layer of authentication can significantly reduce these threats.
Find out how you can enhance your security – whether it concerns your customers or your employees. Talk to GMS about how we can add 2-factor authentication to your business.