2 Factor Authentication: Why we strongly recommend this to all our clients
At Pro Cloud Solutions, the safety and security of your business systems and information is of prime importance to us. Many of the conversations we have with clients and potential customers are around mitigating the business’ wider online exposure with measures to protect access to mission critical data. We strongly recommend the use of 2 Factor Authentication (commonly shortened to 2FA) to all our clients, and in this blog, we take a look at what is it and why is it so important.
Understanding the need for added security
The ever-onward march of technology, coupled with post-pandemic ‘new normal’ working patterns, means that more business processes and operations are being carried out online or digitally than ever before. By using the IT services that Pro Cloud Solutions offers, businesses are reaping the rewards that increased efficiency, hassle-free remote working and business agility are bringing. Through sophisticated cloud IT, company data can be accessed flexibly over a wide range of devices across the UK and abroad, meaning team members can have the information they need at their fingertips and can work collaboratively with colleagues in other locations, when working from home or in satellite offices etc.
As digital usage is increasing however, so are the potential threats to online safety and security, and 2FA is a vital tool in protecting your business from cyber breaches. The National Cyber Security Centre  details that:
“In recent attacks, adversaries have logged in to services using guessed or stolen passwords, thus granting that attacker the same permissions (sometimes privileged access) as the legitimate user. This is prevalent when there is no way to differentiate between the actual user and an attacker pretending to be them. These attacks work in a number of ways including:
Trying passwords from leaked datasets in case a user has reused a password on other services.
Socially engineering account details from users using techniques such as phishing.
Attempting to log into multiple user accounts using one of the passwords on the commonly used password lists.
In all these cases, authentication becomes the main decision point for whether a user or attacker can gain access to a service”
What is 2 Factor Authentication?
2 Factor Authentication is a security measure that requires more than one form of identification before someone is granted access to an account or system. Microsoft, who we are proud to partner with here at Pro Cloud Solutions, recommends the use of authenticator applications on smart phones or SMS verification as the second phase of this two-step user authentication.
For instance, you can install the relevant authenticator app on your mobile device. Upon logging in to your user account and entering the required username and password, you’ll be requested to enter the security code from your authenticator app on your Android or iOS device.
SMS, or text messaging, can also be used as a form of two-factor authentication when a message is sent to a trusted phone number. The user is prompted to either interact with the text or use a one-time code to verify their identity on a site or app.
How effective is 2 Factor Authentication?
Since, as reported by the National Cyber Security Centre, over 80% of cyber breaches happen due to weak or stolen passwords, 2FA provides the added layer of security necessary to protect users and their data. Microsoft is quite clear on the efficacy of 2FA: “By providing an extra barrier and a layer of security, double factor authentication makes it incredibly difficult for attackers to get past. 2FA can block over 99.9 percent of account compromise attacks. With 2FA, knowing or cracking the password won’t be enough to gain access”
What are the benefits of using 2 Factor Authentication?
Beyond being an incredibly effective deterrent to cyber attack, as described above, the use of 2FA has some useful further benefits:
2FA is quick and efficient.
Two Factor Authentication is the simplest, most effective way to verify that your people are who they say they are. It offers a user-friendly authentication experience which is both easy and speedy. Expert MSPs such as Pro Cloud Solutions can add 2FA rapidly across your company systems access, saving you time and negating lengthy in-house security discussions and implementations.
2FA allows control and ensures compliance
As defined in its articles, one of the core obligations of GDPR is the requirement for processors of personal data to take appropriate measures to protect it, and ENISA — the European Union Agency for Network and Information Security which advises member states and private sector organisations in implementing EU legislation, strongly recommends the use of 2FA . Furthermore, many of the businesses we work with at Pro Cloud Solutions haveindustry regulated controls to adhere to regarding the storage of and access to sensitive data, for which 2FA can be an important security tool.
2FA reduces password fatigue
This is a recognised condition that occurs when trying to create, remember and use different complex passwords. This malady places undue stress not just on individual users but on the organisations striving to protect critical data and other assets. Password fatigue results in employees reusing the same or very similar password(s) for multiple accounts, causing security fragility, and reportedly impacting heavily on their productivity and mental energy 
2FA systems have in-built monitoring features
When a 2FA system is in place, successful and unsuccessful authentication requests are logged, allowing the monitoring system to highlight unusual and potentially malicious login activity.
Simon Waugh, MD at Pro Cloud Solutions concludes:
“Implementing 2 Factor Authentication is at the top of the list in our data security recommendations to clients. Having a proactive plan around cyber security ensures that companies can benefit from all the advantages Cloud IT brings, without the worry of data vulnerability”
Pro Cloud Solutions works with businesses worldwide – spanning not only the globe, but also all sizes of business and industry. With our certified experts, your company information and systems are in safe hands - schedule a free consultation with one of our knowledgeable team today.
 https://www.ncsc.gov.uk/guidance/multi-factor-authentication-online-services  https://www.enisa.europa.eu/topics/cybersecurity-policy/data-protection  https://www.beyondidentity.com/blog/measuring-password-fatigue