For many years now, users have securely accessed their Microsoft 365 email by entering a user-name and password. This common everyday action, is secure – as long as no one knows your user name and password! This approach worked for a long time but it has now fallen prey to cyber criminals. The surge in phishing attacks alongside password stealing malware means it no longer cuts the mustard.
Criminals have shown great resourcefulness in obtaining our passwords through a range of unscrupulous methods. Once in, they could impersonate you leading to all manner of horrors. From asking for a fake invoice to be paid to emailing customers to change bank details for payment. Of course, they can also use this is a route into your other networks. The will also have access to your SharePoint and One Drive accounts. The potential for damage is undoubtedly huge but thankfully – entirely avoidable.
Implementing Two Factor Authentication (2FA) on your account instantly slashes the criminals chance of success. While you might not be au fait with the term, you are likely already using 2FA on some accounts or devices. It simply means you will be asked for an additional piece of information before getting access to your account. This could be a fingerprint or facial recognition but it is most commonly a code which is emailed, texted or sent through an authenticator app to a different, trusted device. You would then input the code when asked and go on to access your email. Adding this extra layer of security, protects accounts against phishing attacks, social engineering and password brute force attacks. In doing so it secures your login details from attackers exploiting weak or stolen credentials.
As an IT Support provider we always recommend 2FA implementation as a key element of a multi-layered approach to cyber security. Our team can advise on how to apply this to your systems. No single security feature is a guaranteed fail safe but 2FA can substantially improve the security of your Microsoft 365 accounts. So, even if your password has been compromised, your accounts are still secure. Why don’t you contact us today if you need advice on deploying 2FA for your team.