In the digital age we’re in, protecting our identities and our sensitive information online is of key importance. Why? For the simple reason that there are people on the internet that will take advantage of you if you are not protected. Some problems that can happen include usernames or passwords being stolen or guessed, digital breaches that affect the core of your business, or unlawful financial transactions.
Imagine starting your day by opening your laptop or computer, and realising that none of your online accounts are accessible. Your email has been breached, your website content has disappeared, and your bank account is showing some inexplicable transactions being made via your credit card. Scary, isn’t it? As an accounting firm, we are especially concerned about sensitive information in online accounting files falling into the wrong hands. An important new option available via SME software to protect your online accounting file is Two-Factor Authentication.
So, what exactly is Two-Factor Authentication? Two-factor authentication (2FA), also called multiple-factor or multiple-step verification, is an authentication mechanism to double check that your identity is legitimate, and that you are indeed who you say you are. Accounting software companies like MYOB are introducing this technology and will soon be available across the board, as a practical and simple way to increase security for you and your data, reducing the risk of a data breach. 2FA is designed to protect your login identity, making it much harder for someone to impersonate you if they steal your passwords.
When it becomes available via the accounting software package you use, here’s how it works. You enter your username and password as usual. You’re then prompted to enter a code. This code is available via an app on your phone. You’ll need to have this app installed on your phone, but it’s free and it’s small (i.e. won’t take up much of your phone’s storage space).
This whole login process is barely seconds longer than you’re used to. You can also choose to “trust” the computer/device that you’re currently working on for the next 30 days, so every time you log in using that same computer and the same browser you won’t need to re-enter the code.
But if you go to another computer/device and login using your username/password, you’d be prompted for the code again. You’d then simply open the app on your phone and type the unique code into the login screen.
Without your physical device, remote attackers can’t pretend to be you in order to gain unauthorised access to corporate networks, cloud storage, financial information, etc. stored in applications. By integrating two-factor authentication with your applications, attackers are unable to access your accounts without possessing your physical device needed to complete the second factor.
Two-Factor Authentication is suitable for anyone who’s confident that they’re the only one who knows and uses their login details (username and password) and they’re ready to protect their login access. Watch it in action in the MYOB software here.
If you would like assistance in assessing the level of exposure and risk within your business and proactively working towards improving business processes and minimising weaknesses please contact your usual Hanrick Curran advisor or alternatively one of our Audit Partners, Matthew Green or Michael Georghiou on (07) 3218 3900.
We thank MYOB for their content contribution. If you would like more information, please visit their help page regarding two-factor authentication.
Please note that this publication is intended to provide a general summary and should not be relied upon as a substitute for personal advice.