Blog

category filters go here

What is two factor authentication?

For many years now, users have gained access to secure computing services by entering a user name and password.  This common everyday action for all of us, is called single factor authentication. While this approach has worked for a long time, it has now fallen prey to cyber criminals.  The surge in phishing attacks alongside password stealing malware means single factor authentication no longer cuts the mustard. Users are now turning to Two Factor Authentication (sometimes known as Dual Factor or Multi Factor). This improves security by adding an additional factor, which is resilient to attack.  Adding this extra layer of security,  protects accounts against phishing attacks, social engineering, password brute force attacks and secures your logins from attackers exploiting weak or stolen credentials.

The additional factor is often a password or code, which is frequently sent to a different, trusted device.  Codes can be sent by text or email or via an authenticator app.  Often it is time limited (usually to one minute or less). Aldo,  biometric indictors such as fingerprints and voice recognition are increasingly being used as the additional security factor.

Google recently completed a year long study into phishing attacks, in conjunction with New York University and University of California.  They found that the simple act of adding a recovery phone number to your google account can block 100% of automated bots and 99% of bulk phishing attacks.  Worryingly the vast majority of gmail users still don’t use 2FA.  The feature is offered with many of the accounts we use for personal email (gmail, yahoo etc) but most people do not enable it.  We strongly recommend 2FA is enabled for Office 365, as access to your business email can be a dangerous route into your network for criminals.

It is worth noting, that there have been some recent high profile cases were implementation of 2FA has been court ordered.  In addition to an $18.5 million fine, resulting from a data breach, the US company Target was instructed to implement specific security procedures, including 2FA.   It is widely recognised a security best practice.

 

How can RedMosquito help?

We recommend 2FA as a key factor of a multi-layered approach to cyber security.   Our Technical Consultants can advise on how to apply this to your systems.    There are different options for deployment and we can identify which suits your needs best.   No single security feature is a guaranteed fail safe but 2FA can substantially improve the security of both your work and personal accounts.  So, even if your password has been compromised, your accounts are still secure.  Why don’t you contact us today if you need advice.

RedMosquito provies IT Support in Glasgow, Edinburgh and throughout central Scotland. 

 

 

Brexit IT Funding

Grant funding for Brexit related IT costs

From 29 July 2020 businesses can apply for IT grant funding to cover IT expenditure needed to meet the requirements of Brexit. Staged border controls will begin in January 2021, at the end of the transition period. The Government is making funding of £50 million available to help businesses prepare for the additional customs declarations which will come in to play at that […]

penetration testing

What is Penetration Testing?

Penetration testing can be a useful tool for businesses to utilise as part of a cyber security audit.  Regular penetration testing will help your business identify any weaknesses, in your IT systems or applications, before they are exploited.   They can be a valuable tool in your multi-layered cyber security defence – if they are planned and executed properly! RedMosquito manages penetration testing for many of our IT […]

21 Jul 2020
Phishing Malware Email

Covid 19 Scams and Hacks on the Rise.

Recent reports say that the quantity of Covid 19 scams and hacks directed at homeworkers during the Coronavirus lockdown has grown considerably. The variation and sophistication of the attacks is also on the rise reported Darktrace in a recent article in The Guardian newspaper. Exploitation of homeworkers during the Covid 19 shutdown has increasingly become […]

23 Jun 2020