Two-Factor Authentication for Office365 – Don’t let the hackers win…

According to a recent Verizon data breach report, over 80% of hacking related SupportITbreaches were as a result of weak, default or stolen passwords. Certainly, as an IT support organisation, SupportIT has seen a significant rise in the amount of calls as a result of passwords being compromised. It is not just financial institutions being targeted; it is happening in every type of organisation and to users at every level.
As an IT service provider, SupportIT always educates users on strong password policies and they can also work on strengthening firewall configurations and implementing group policies that enforce better security measures. However, at user-level these measures are not always enough because single-factor authentication doesn’t protect users against sophisticated hacking scams and keylogging tools that can lead to their machines getting compromised.
Two-Factor Authentication (2FA)SECURITY
As the hackers become more sophisticated so too must the measures organisations put in place to protect and prevent security threats. SupportIT recommends Two-Factor Authentication (2FA) across the board for its clients using Office365, or indeed any application that can be accessed over the internet. 2FA works by adding an extra layer of security on top of the password, so users have two steps to complete before they can log in on a new device – they enter their password in first, they are then required to acknowledge a phone call, text message, or an app notification on their smartphone before they can successfully sign in. It is particularly useful if users are accessing Office365 over a number of devices and strengthens your security around BYOD (Bring Your Own Device) Policies.
In terms of implementation, in the case of Office365 it is initially a matter of enabling Two-Factor Authentication on the Office365 console for each user then working with users to complete the verification process. This involves logging into the Office365 web browser, verifying the account and setting-up the second authentication method i.e. by SMS. At the end of the verification process the user receives a unique application password and it is important that they save this because they will need to use it to access any new application or device that is used for Email – this process will only need to be done once for each new device or application. To aid the roll-out, supportIT can come onsite for a block of time to coordinate with users and work through that verification process.
For more information on Security Services click here or contact SupportIT today about enabling Two-Factor Authentication on your Office365 Console.